<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Hi, <br>
<br>
Are you using psk or certificate to auth?<br>
<br>
Best Regards!<br>
Zhu Yanjun<br>
On 05/04/2015 05:18 PM, zhuyj wrote:<br>
</div>
<blockquote cite="mid:55473952.9050500@163.com" type="cite">
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
<div class="moz-cite-prefix">Hi, Bernhard<br>
<br>
Your problem is the same with mine.<br>
<br>
Best Regards!<br>
Zhu Yanjun<br>
<br>
On 05/04/2015 05:00 PM, Bernhard Marx wrote:<br>
</div>
<blockquote
cite="mid:CANg3f_5tun9EBij71zQN_pe4gD9swx-q9yen7XKtt5T3=Mz89g@mail.gmail.com"
type="cite">
<div dir="ltr">Hi Zhu,
<div><br>
</div>
<div>no problem. I wish I would have :-)</div>
<div>But moon and sun is connected via public networks? </div>
<div>This is my scenario:</div>
<div><br>
</div>
<div><a moz-do-not-send="true" href="http://192.168.2.0/24"
target="_blank" style="font-size:12.8000001907349px">192.168.2.0/24</a><span
style="font-size:12.8000001907349px"> <=>
192.168.2.1 hardware router xx.xx.xx.xx (public IP from
provider) <=> Internet <=> public IP on eth0
192.168.120.125 <=> </span><a moz-do-not-send="true"
href="http://192.168.120.0/24" target="_blank"
style="font-size:12.8000001907349px">192.168.120.0/24</a><span
style="font-size:12.8000001907349px"> on eth1</span><br>
</div>
<div><br>
</div>
<div>I can ping from 192.168.120.125 to 192.168.2.1 and vice
versa - but I can not reach any devices in the subnet...</div>
<div><br>
</div>
<div>Regards</div>
<div>Bernhard</div>
<div><br>
</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">2015-05-04 10:51 GMT+02:00 zhuyj <span
dir="ltr"><<a moz-do-not-send="true"
href="mailto:mounter625@163.com" target="_blank">mounter625@163.com</a>></span>:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div><span class="">Sorry. I thought your solve this
problem already. <br>
Do you think that it is related with psk or pubkey?
I mean that strongswan can support auth-based
certificate very well.<br>
Maybe there is something wrong with psk auth?<br>
<br>
</span> Zhu Yanjun
<div>
<div class="h5"><br>
<br>
On 05/04/2015 04:45 PM, zhuyj wrote:<br>
</div>
</div>
</div>
<div>
<div class="h5">
<blockquote type="cite">
<div>Hi, Marx<br>
<br>
Please let me know how to solve this problem.<br>
<br>
Thanks a lot.<br>
Zhu Yanjun<br>
<br>
On 05/04/2015 04:22 PM, Bernhard Marx wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">Dear <span
style="font-size:12.8000001907349px">Zhu,</span>
<div><span
style="font-size:12.8000001907349px"><br>
</span></div>
<div><span
style="font-size:12.8000001907349px">I
think I have the issue... as send a
request to mail list yesterday...</span></div>
<div><span
style="font-size:12.8000001907349px"><br>
</span></div>
<div><span
style="font-size:12.8000001907349px">Feedback
I received is to check the routing of
packets... but I cant identify the
issue...</span></div>
<div><span
style="font-size:12.8000001907349px"><br>
</span></div>
<div><span
style="font-size:12.8000001907349px">Regards</span></div>
<div><span
style="font-size:12.8000001907349px">Bernhard</span></div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">2015-05-04 10:17
GMT+02:00 zhuyj <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:mounter625@163.com"
target="_blank">mounter625@163.com</a>></span>:<br>
<blockquote class="gmail_quote"
style="margin:0 0 0 .8ex;border-left:1px
#ccc solid;padding-left:1ex">Hi, all<br>
<br>
I followed this link: <a
moz-do-not-send="true"
href="http://www.strongswan.org/uml/testresults/ikev2/net2net-psk/"
target="_blank">http://www.strongswan.org/uml/testresults/ikev2/net2net-psk/</a><br>
<br>
I configured 4 vmare hosts. The hosts are
ubuntu14.04.<br>
<br>
The network topology is as below.<br>
<br>
10.1.0.10 <---->10.1.0.1 (moon)
192.168.0.1<----->192.168.0.2 (sun)
10.2.0.1<---->10.2.0.10<br>
<br>
strongswan is 5.1.2.<br>
<br>
>From this link: <a
moz-do-not-send="true"
href="http://www.strongswan.org/uml/testresults/ikev2/net2net-psk/"
target="_blank">http://www.strongswan.org/uml/testresults/ikev2/net2net-psk/</a>,
after a vpn tunnel is created,<br>
I ran "ping 10.2.0.10" on clinet
10.1.0.10. But I can not get any reply
from 10.2.0.10.<br>
<br>
I can find the icmp packets into moon. But
moon will not forward these icmp packets.<br>
<br>
I exactly followed this link <a
moz-do-not-send="true"
href="http://www.strongswan.org/uml/testresults/ikev2/net2net-psk/"
target="_blank">http://www.strongswan.org/uml/testresults/ikev2/net2net-psk/</a>,
but I can not get<br>
the same test result with this link.<br>
<br>
Does any one have the similar experience?<br>
<br>
Any reply is appreciated.<br>
<br>
Thanks a lot.<br>
Zhu Yanjun<br>
<br>
<br>
_______________________________________________<br>
Users mailing list<br>
<a moz-do-not-send="true"
href="mailto:Users@lists.strongswan.org"
target="_blank">Users@lists.strongswan.org</a><br>
<a moz-do-not-send="true"
href="https://lists.strongswan.org/mailman/listinfo/users"
target="_blank">https://lists.strongswan.org/mailman/listinfo/users</a><br>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset></fieldset>
<br>
<pre>_______________________________________________
Users mailing list
<a moz-do-not-send="true" href="mailto:Users@lists.strongswan.org" target="_blank">Users@lists.strongswan.org</a>
<a moz-do-not-send="true" href="https://lists.strongswan.org/mailman/listinfo/users" target="_blank">https://lists.strongswan.org/mailman/listinfo/users</a></pre>
</blockquote>
<br>
<br>
<fieldset></fieldset>
<br>
<pre>_______________________________________________
Users mailing list
<a moz-do-not-send="true" href="mailto:Users@lists.strongswan.org" target="_blank">Users@lists.strongswan.org</a>
<a moz-do-not-send="true" href="https://lists.strongswan.org/mailman/listinfo/users" target="_blank">https://lists.strongswan.org/mailman/listinfo/users</a></pre>
</blockquote>
<br>
</div>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Users@lists.strongswan.org">Users@lists.strongswan.org</a>
<a class="moz-txt-link-freetext" href="https://lists.strongswan.org/mailman/listinfo/users">https://lists.strongswan.org/mailman/listinfo/users</a></pre>
</blockquote>
<br>
</body>
</html>