Questions tagged [strongswan]

strongSwan is an open source, multi-platform IPsec-based VPN solution, with IKEv2 & IKEv1 support

More information can be found on strongswan.org.

435 questions

3 votes, 3 answers

Strongswan VPN successful, but cannot ping anything

I'm on an ArchLinux-System trying to connect to my company VPN, which is served by a Juniper SRX100H. I'm trying to connect with Strongswan (5.5.3-3), and it seems to be successful: Starting strongSwan 5.5.3 IPsec [starter]... generating QUICK_MODE…
Sentenza

3 votes, 1 answer

How do I configure StrongSwan to act as an IKEv1 client?

A customer of our development business has provided access to their IPSec VPN providing the necessary credentials (anonymized): Gateway: example.fake Group: MYGROUP User: MYUSER Password: MYPASSWORD PSK: MYPSK They have also provided the…
Andrea Lazzarotto

3 votes, 1 answer

Strongswan running in container to create VPN tunnel between LAN and GCE?

I've got a CentOS 7 VM running strongSwan which sets up a VPN tunnel between our LAN and Google Compute Engine (Google Cloud VPN). This makes local machines on the LAN accessible by GCE instances and vice versa. I'd like to run strongSwan in a…
fredrik

3 votes, 1 answer

Why does 'ipsec statusall' not show any connections?

I've finally been able to get a tunnel between my computer (strongswan) and a Zyxel Zywall 110 up and running. I'm connecting using certificates, and judging from the logs the actual VPN connection seems to get established. May 4 14:14:49 user…
sbrattla

3 votes, 0 answers

Strongswan to Cisco ASA

I have a problem with connecting two nets with IPsec. On the one side is Cisco ASA 55xx, on the other TP-Link router with Debian 8.3 with StrongSwan behind the NAT. The problem is also that I somehow have to NETMAP/SNAT network on the TP-Link side. But…
F M

3 votes, 2 answers

Strongswan: clients can connect to server but no internet access

I've set up an ipsec server and after a while I could connect to it from my Android device, but there is no internet connection on the client side. I have also added NAT rules to forward traffic from virtual IPs but the problem still exists. How can I find…
Ghasem Pahlavan

3 votes, 1 answer

Allow Strongswan roadwarrior to access local LAN

I have successfully established an IPSec tunnel between my local Linux host and a remote VPN gateway. I am using virtual IPs assigned by the gateway because being a roadwarrior my local LAN subnet is not fixed. When it is up all traffic goes via the…
Robin Elvin

3 votes, 1 answer

Missing iptables rules for Strongswan routing for VPN for phone

I have a CentOS 6.6 VPS out on the Internet that has a public IP. I have installed StrongSwan 5.1.3 to allow my BlackBerry10 phone to connect from hotspots and use the VPS' connection. The VPS' IP shows when I go to www.whatismyip.com, and so I…
Timbo

3 votes, 2 answers

Trying to replicate a working IPSec/L2TP config from OpenSWAN to StrongSWAN

I have a working OpenSWAN implementation for RA, using IPsec transport and l2tp for the tunnel, running in AWS. The instance has a private IP, with a public EIP mapped to it. I use the private IP for the left and leftsubnet parameters and the public…
Brett

3 votes, 1 answer

Is using EAP-MD5 in strongSwan a security risk?

Quoting Wikipedia: "It offers minimal security; the MD5 hash function is vulnerable to dictionary attacks, and does not support key generation, which makes it unsuitable for use with dynamic WEP, or WPA/WPA2 enterprise." However, Wikipedia discusses…
reish

3 votes, 0 answers

Having trouble installing Racoon and Strongswan on the same system

I have two applications that I need to run, one uses Racoon for establishing IPSec tunnels and the other uses Strongswan. Therefore, I need both Racoon and Strongswan installed simultaneously on my Ubuntu 12.04 box. However, when I install…
exxodus7

3 votes, 1 answer

strongswan can't push DNS resolver to OSX Mountain Lion (split tunnel)

I'd like to set up an IPSec responder (VPN server) for OSX desktops and laptops. Everything seems to work fine, except I cannot push a DNS server to be used system-wide on the initiator (VPN client). I'm using Charon's IKEv1 support in StrongSwan…

3 votes, 2 answers

strongSwan without password on iOS

I have the following problem: I need to authenticate on VPN with iOS without password, but with certificate only. The reason is I need "VPN on demand", which is active on certificate authentication only. I found this tutorial, but it uses…
Alex Petrov

3 votes, 1 answer

iPhone users do not connect to StrongSwan VPN, while Android and Windows 10 users do?

I have a StrongSwan VPN that for some reason unknown to me cannot connect iOS users to my VPN server. A few quick notes: My StrongSwan server is a front for VPN clients who connect to my network. I used WireGuard for my backend site-to-site…

3 votes, 1 answer

Configure Linux to route traffic from internal network through ipsec tunnel (policy based)

My company hosts cloud services. We have a partner that also hosts cloud services. We want to connect our network with theirs using ipsec / strongswan. Our clients should be able to reach the target servers using the vpn-router-server as a router /…