[strongSwan] Setup site-to-site VPN via central server
Martin Sand
dborn at gmx.net
Fri Jul 29 23:46:05 CEST 2016
Ok, I have installed strongswan on my laptop (192.168.2.125) behind
vpn-second (192.168.2.1) and configured another subnet 192.168.3.0/24 on
the hub and assigned the virtual IP 192.168.3.1. Established tunnel,
sSeems to work. So now I simulate the other gateway 500km away.
When I now try to reach the desktop 192.168.2.100 the connection gets
refused by the vpn-second gateway.
Ping gives the following result:
PING arbeitszimmer (192.168.2.100) 56(84) bytes of data.
From router-second (192.168.2.1) icmp_seq=1 Destination Port Unreachable
So I added leftfirewall=yes on the vpn-second gateway ipsec.conf. Now it
works. I hope that solved the problem.
Best regards
Martin
More information about the Users
mailing list