Questions tagged [strongswan]

strongSwan is an open source, multi-platform IPsec-based VPN solution, with IKEv2 & IKEv1 support


More information can be found on strongswan.org.

435 questions
0
votes
0 answers

Simple Strongswan installation caused server to be unreachable through (Open)SSH

While working on a remote machine (Debian 11.7 / Kernel 5.10.0-23-amd64) I have installed Strongswan to configure it as a VPN client. apt install strongswan after this, the service strongswan-starter.service is being started and the host becomes…
Ole K
0
votes
0 answers

ipsec package after decrypted can not be received by tproxy

My centos6 machine ipaddress is 192.168.56.10 (eth0). I have installed strongswan and a tproxy like v2ray with iptables: iptables: *mangle :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT…
0
votes
2 answers

Can I make strongSwan accept any certificate as long as it is only signed by a specific CA?

Using a swanctl config, is there a way to make strongSwan accept any certificate for an IKEv2 connection as long as it is signed by a specific CA? What I mean is, without having to install the public keys of all possible certs on the server, after…
Mecki
0
votes
0 answers

Strongswan VPN with Checkpoint stuck on connecting

I am new to strongswan and linux so I'm trying to setup a vpn connection between a linux firewall cluster and a checkpoint gateway. So this is my node list and resources: root@Deb-FW-C1:/etc# crm status Cluster Summary: Stack: corosync Current DC:…
Ian Twy
0
votes
0 answers

Using strongswan to connect a checkpoint vpn gateway using Ikev1 and xauth-hybrid

I try to connect to a r81.10 gateway using a linux distribution with strongswan. Gateway accepts user:password only. Tested with Windows Version of Checkpoint Endpoint Software. Have to use ikev1. The error looks like a PSK would not match but…
insane_IT
0
votes
0 answers

Cannot establish an IPsec site-to-site VPN between an EC2 instance and a SonicWALL firewall

I'm trying to establish a site-to-site IPsec VPN between an EC2 instance running StrongSwan and a SonicWALL firewall. I've tried a lot of different configurations, but currently I have this at the EC2 side: conn A-B authby=secret …
0
votes
1 answer

Strongswan, Ubuntu 22.04: Can't start connection after reboot, although configuration is loaded

I am using two LXD-Containers (on both servers) for connecting between them. Everything runs fine, using iptables for NATing ports. But there is one problem: When restarting one of the servers (just a small machine) the connection can't be…
0
votes
1 answer

strongSwan VPN tunnel (IKEv2) established but traffic times out

I have a VPN server that tunnels traffic to a PostgreSQL database server which is otherwise unreachable from the internet. The VPN is only reachable by IPv4. Problem All clients can establish a VPN connection. Some clients can't connect to the…
ffrosch
0
votes
0 answers

LibreSwan IKEv2 multiple left subnet for vpn splitting

I have built an IKEv2 VPN server. The current config in /etc/ipsec.d/ikev2.conf is like this: conn ikev2-cp left=%defaultroute leftcert=58.xx.xx.xxx leftsendcert=always leftsubnet=192.168.1.0/18 leftrsasigkey=%cert right=%any …
0
votes
0 answers

Strongswan IKEv2 VPN tunnel not establishing

I have searched for so many different solutions and I have not found anything, I am hoping that I can find the solution here. We are configuring a new VPN, our old VPN is set up as an IKEv1 VPN, it works fine, the new one doesn't, it can establish a…
0
votes
0 answers

IPSec VPN between StrongSwan and DrayTek Router fails on second rekeying

I want to establish an always-on IPSec VPN between a DrayTek Vigor2860 and an EdgeRouter X (which uses StrongSwan). The Draytek is behind a NAT and dials into the ER-X. The VPN connects and works, but disconnects at the second rekeying. It then…
masgo
0
votes
0 answers

VPN IKEv2 connection problems on Android, IKE_SA failed

I have a big problem with connecting to my VPN server from 50% of Android devices. Cannot resolve it 2 weeks with network and android developers. VPN server based on IKEv2 with Charon and Strongswan libs, and it works stable with iPhone devices. But…
0
votes
1 answer

No config named ... error when running ipsec up

I am getting the 'no config named ...' error like others have posted. I have auto=add in my etc/ipsec.conf file as I read in one post. I have followed everything which I have read online to no avail. I am running Ubuntu 22.04.1 and the latest…
RodO
0
votes
1 answer

Can't configure VPN on tp-link router using PSK

I've bought a VPS server and configured strongswan VPN. I was able to configure VPN on my Windows laptop (using certificate provided by Strongswan Web UI) and my android smartphone (configuration is provided by Strongswan Web UI) but I was not able to…
0
votes
0 answers

ike-scan 0 returned handshake 0 returned notify

I need to establish vpn connection to a specific site, I used strongswan and configure my side according to the provided parameters from another side, but when I try to connect I get 'peer not responding'. I used ike-scan on the ip they gave to me…