<html><head></head><body><div class="ydp49818be7yahoo-style-wrap" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px;"><div></div>
<div dir="ltr" data-setdir="false">Hi Tobias,</div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">Thanks you for your response. </div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">Please see my response inline below.</div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">Thanks,</div><div dir="ltr" data-setdir="false">Pankaj</div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false"><div><span style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">> I am facing issue with strongswan MAC OS X client which I have compiled</span><br clear="none" style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">> from source. </span><br clear="none" style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">> </span><br clear="none" style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">> version</span><br clear="none" style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">> --------------</span><br clear="none" style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">> Starting IKE charon daemon (strongSwan 5.7.2dr2, Linux</span><br clear="none" style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">> 4.15.0-112-generic, x86_64)</span><br clear="none" style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br clear="none" style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">That seems to contradict what you wrote above (Linux != macOS). And why</span><br clear="none" style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">use an old developers release?</span></div><div><font color="#26282a"><br></font></div><div dir="ltr" data-setdir="false"><font color="#26282a"><PR> Sorry my bad. I copied from linux system rather than from MAC. We have ported this version to both linux and MAC. We are planning to move to latest version in this quarter. There were few vpp plugins which we could leverage from this release.<br></font><div class="ydpbc055200yqt1609879999" id="ydpbc055200yqtfd07492" style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br clear="none"><br clear="none">> I am able to connect to server in road warrior scenario. When I switch<br clear="none">> wifi on my MAC laptop, source outer IP address (192.168.1.5) does not<br clear="none">> change for IKE SA.</div><br clear="none" style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br clear="none" style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">If the "old" address is still available and a route leads to it, nothing</span><br clear="none" style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">will change unless you force the daemon to ignore the current path by</span><br clear="none" style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">enabling charon.prefer_best_path (depending on the routes, the path</span><br clear="none" style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;">might still not change).</span></div><div dir="ltr" data-setdir="false"><span style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br></span></div><div dir="ltr" data-setdir="false"><span style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><PR> Thank you. I made this change in strongswan.conf, it still did not work. So I changed route based on "new" address from CLI (route change cmd), then I could see outer IP changed to "new" IP. However, I could not see these packets in wireshark capture.</span></div><div dir="ltr" data-setdir="false"><span style="color: rgb(38, 40, 42); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><br></span></div><div dir="ltr" data-setdir="false"><div><i>Jul 29 14:33:37 02[NET] error writing to socket: Can’t assign requested address</i></div><div><i>Jul 29 14:33:37 14[IKE] <exd-1|1> path probing attempt 8</i></div><div><i>Jul 29 14:33:37 14[IKE] <exd-1|1> ExC: get_source_addr for dst 32.2.4.18, src (null)</i></div><div><i>Jul 29 14:33:37 14[IKE] <exd-1|1> ExC: get_route, 192.168.1.112<br></i></div><div><i>Jul 29 14:33:37 14[KNL] <exd-1|1> using 192.168.1.112 as address to reach 32.2.4.18</i></div><div><i>Jul 29 14:33:37 14[IKE] <exd-1|1> checking path 192.168.1.112[4500] - 32.2.4.18[4500]</i></div><div><i>Jul 29 14:33:37 14[NET] <exd-1|1> sending packet: sock: from 192.168.1.112[4500] to 32.2.4.18[4500] (96 bytes)</i></div><div><i>Jul 29 14:33:37 14[IKE] <exd-1|1> ExC: get_source_addr for dst 192.168.124.100, src (null)</i></div><div><i>Jul 29 14:33:37 14[IKE] <exd-1|1> ExC: get_route</i></div><div><i><br></i></div><div dir="ltr" data-setdir="false">I was wondering whether my approach is wrong or it is more of the system issue I am facing. </div><div dir="ltr" data-setdir="false">All I am doing is switching wifi on my machine to test Mobike.</div></div><br></div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">Regards,</div><div dir="ltr" data-setdir="false">Pankaj</div><div dir="ltr" data-setdir="false"><br></div><div><br></div>
</div><div id="ydpbc055200yahoo_quoted_6686076288" class="ydpbc055200yahoo_quoted">
<div style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:13px;color:#26282a;">
<div>
On Wednesday, July 29, 2020, 01:26:47 PM GMT+5:30, Tobias Brunner <tobias@strongswan.org> wrote:
</div>
<div><br></div>
<div><br></div>
<div><div dir="ltr">Hi Pankaj,<br clear="none"><br clear="none">> I am facing issue with strongswan MAC OS X client which I have compiled<br clear="none">> from source. <br clear="none">> <br clear="none">> version<br clear="none">> --------------<br clear="none">> Starting IKE charon daemon (strongSwan 5.7.2dr2, Linux<br clear="none">> 4.15.0-112-generic, x86_64)<br clear="none"><br clear="none">That seems to contradict what you wrote above (Linux != macOS). And why<br clear="none">use an old developers release?<div class="ydpbc055200yqt1609879999" id="ydpbc055200yqtfd07492"><br clear="none"><br clear="none">> I am able to connect to server in road warrior scenario. When I switch<br clear="none">> wifi on my MAC laptop, source outer IP address (192.168.1.5) does not<br clear="none">> change for IKE SA.</div><br clear="none"><br clear="none">If the "old" address is still available and a route leads to it, nothing<br clear="none">will change unless you force the daemon to ignore the current path by<br clear="none">enabling charon.prefer_best_path (depending on the routes, the path<br clear="none">might still not change).<br clear="none"><br clear="none">Regards,<br clear="none">Tobias<div class="ydpbc055200yqt1609879999" id="ydpbc055200yqtfd19370"><br clear="none"></div></div></div>
</div>
</div></body></html>