<div dir="ltr"><div>Good morning, </div><div><br></div><div>First of all, I apologize for my English. I'm using google translator.<br></div><div><br></div><div>I'm eating now with strongswan and I'm encountering a problem I can not solve. I'm closing a VPN Ipsec strongswan with Google Cloud ... at first the connection is established on both sides, but I'm encountering problems in the communication between the connections, I can ping and access everything when I'm on the side of the google cloud instance, but when I'm on the strongswan side I can not do anything and when I run cmomando ipsec statusall I verify that the tunnel is OK.</div><div>My question is is there any specific route that I should create? or the routes when the tunnel is established are created automatically.</div><div><br></div><div>Follows my narration for analysis.<br></div><div><br></div><div><div>
<span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">Google Cloud</span> </div><div>ip public: 35.196.XX.XXX</div><div>Network:
<span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><a href="http://192.168.3.0/24">192.168.3.0/24</a></span></div><div><br></div><div>
<span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">Firewall<span> </span></span> Debin (Strongswan)<br></div><div>ip public: 187.32.XX.XXX<br></div><div>
<span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">Network: <a href="http://192.168.0.0/24">192.168.0.0/24</a></span>
<br></div><div>interface int: 192.168.0.254</div><div><br></div></div><div><br></div><div>#my ipsec.conf</div><div><div><br></div><div>conn myconn</div><div> fragmentation = yes</div><div> keyexchange = ikev1</div><div> reauth = yes</div><div> forceencaps = no</div><div> rekey = yes</div><div> installpolicy = yes</div><div> type = tunnel</div><div> dpdaction=restart</div><div> dpddelay = 10s</div><div> dpdtimeout = 60s</div><div> auto = route</div><div> authby=secret</div><div> left = %any</div><div> right = 35.196.XX.XXX </div><div> leftid = 187.32.XX.XXX</div><div> ikelifetime = 28800s</div><div> lifetime = 3600s</div><div> ike = aes128-sha1-modp1024,3des-sha1-modp1024!</div><div> esp = aes128-sha1-modp1024,3des-sha1-modp1024!</div><div> leftauth = psk</div><div> rightauth = psk</div><div> rightid = 35.196.XX.XXX</div><div> aggressive = no</div><div> rightsubnet = <a href="http://192.168.3.0/24">192.168.3.0/24</a></div><div> leftsubnet = <a href="http://192.168.0.0/24">192.168.0.0/24</a></div></div><div><br></div><div><br></div><div>Thanks...</div><div><br></div><div><br></div>-- <br><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr">Wesley R. de Oliveira<br><br></div></div></div></div>
</div>