<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none;"><!-- P {margin-top:0;margin-bottom:0;} --></style>
</head>
<body dir="ltr">
<div id="divtagdefaultwrapper" style="font-size:12pt;color:#000000;font-family:Calibri,Helvetica,sans-serif;" dir="ltr">
<p style="margin-top:0;margin-bottom:0">hello dears, </p>
<p style="margin-top:0;margin-bottom:0"><br>
</p>
<p style="margin-top:0;margin-bottom:0">i'm new to strongswan and trying to build a vpn between <span>ubuntu and android clients. </span></p>
<p style="margin-top:0;margin-bottom:0"><span>i followed this tutorial :</span></p>
<p style="margin-top:0;margin-bottom:0"><span><a href="https://www.digitalocean.com/community/tutorials/how-to-set-up-an-ikev2-vpn-server-with-strongswan-on-ubuntu-18-04-2" class="OWAAutoLink" id="LPlnk140238" previewremoved="true">https://www.digitalocean.com/community/tutorials/how-to-set-up-an-ikev2-vpn-server-with-strongswan-on-ubuntu-18-04-2</a> </span><br>
</p>
<p style="margin-top:0;margin-bottom:0">and the connection up but there is no traffic pass from the application (android client) to the server, </p>
<p style="margin-top:0;margin-bottom:0">and in the following you can find the statue of the tunnel:</p>
<p style="margin-top:0;margin-bottom:0"><span></span></p>
<div><br>
</div>
<div><span style="background-color: rgb(190, 190, 190);"># ipsec statusall</span></div>
<div><span style="background-color: rgb(190, 190, 190);">Status of IKE charon daemon (strongSwan 5.3.5, Linux 4.4.0-138-generic, x86_64):</span></div>
<div><span style="background-color: rgb(190, 190, 190);"> uptime: 32 minutes, since Oct 30 10:01:28 2018</span></div>
<div><span style="background-color: rgb(190, 190, 190);"> malloc: sbrk 3284992, mmap 532480, used 1078704, free 2206288</span></div>
<div><span style="background-color: rgb(190, 190, 190);"> worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 2</span></div>
<div><span style="background-color: rgb(190, 190, 190);"> loaded plugins: charon test-vectors unbound ldap pkcs11 aes rc2 sha1 sha2 md4 md5 random nonce x509 revocation constraints acert pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey dnscert ipseckey pem
openssl gcrypt af-alg fips-prf gmp agent chapoly xcbc cmac hmac ctr ccm gcm ntru bliss curl soup mysql sqlite attr kernel-netlink resolve socket-default connmark farp stroke updown eap-identity eap-sim eap-sim-pcsc eap-aka eap-aka-3gpp2 eap-simaka-pseudonym
eap-simaka-reauth eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap eap-tnc xauth-generic xauth-eap xauth-pam xauth-noauth tnc-tnccs tnccs-20 tnccs-11 tnccs-dynamic dhcp whitelist lookip error-notify certexpire led radattr addrblock
unity</span></div>
<div><span style="background-color: rgb(190, 190, 190);">Virtual IP pools (size/online/offline):</span></div>
<div><span style="background-color: rgb(190, 190, 190);"> 0.0.0.0/0: 2147483646/1/0</span></div>
<div><span style="background-color: rgb(190, 190, 190);">Listening IP addresses:</span></div>
<div><span style="background-color: rgb(190, 190, 190);"> 10.192.129.171</span></div>
<div><span style="background-color: rgb(190, 190, 190);"> 10.199.183.215</span></div>
<div><span style="background-color: rgb(190, 190, 190);">Connections:</span></div>
<div><span style="background-color: rgb(190, 190, 190);"> ikev2-vpn: %any...%any IKEv2, dpddelay=300s</span></div>
<div><span style="background-color: rgb(190, 190, 190);"> ikev2-vpn: local: [10.192.129.171] uses public key authentication</span></div>
<div><span style="background-color: rgb(190, 190, 190);"> ikev2-vpn: cert: "CN=10.192.129.171"</span></div>
<div><span style="background-color: rgb(190, 190, 190);"> ikev2-vpn: remote: uses EAP_MSCHAPV2 authentication with EAP identity '%any'</span></div>
<div><span style="background-color: rgb(190, 190, 190);"> ikev2-vpn: child: 0.0.0.0/0 === dynamic TUNNEL, dpdaction=clear</span></div>
<div><span style="background-color: rgb(190, 190, 190);">Security Associations (1 up, 0 connecting):</span></div>
<div><span style="background-color: rgb(190, 190, 190);"> ikev2-vpn[10]: ESTABLISHED 2 seconds ago, 10.192.129.171[10.192.129.171]...10.137.113.75[EYAS]</span></div>
<div><span style="background-color: rgb(190, 190, 190);"> ikev2-vpn[10]: IKEv2 SPIs: c3017f0ec4f1b443_i 07005129d36627b1_r*, rekeying disabled</span></div>
<div><span style="background-color: rgb(190, 190, 190);"> ikev2-vpn[10]: IKE proposal: AES_CBC_256/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/ECP_384</span></div>
<div><span style="background-color: rgb(190, 190, 190);"> ikev2-vpn{4}: INSTALLED, TUNNEL, reqid 4, ESP in UDP SPIs: c15502dd_i be84cbab_o</span></div>
<div><span style="background-color: rgb(190, 190, 190);"> ikev2-vpn{4}: AES_CBC_128/HMAC_SHA1_96, 0 bytes_i, 0 bytes_o, rekeying disabled</span></div>
<div><span style="background-color: rgb(190, 190, 190);"> ikev2-vpn{4}: 0.0.0.0/0 === 0.0.0.1/32</span></div>
<div><span style="background-color: rgb(190, 190, 190);"><br>
</span></div>
<div><br>
</div>
So has any one faced the same issue before (the VPN connection up on android client but there is no traffic pass from the client to the server after that), and how to solve it .
<p></p>
<div><br>
</div>
<div>thanks in advance </div>
</div>
</body>
</html>