[strongSwan] strongswan subnet routing

Andreas Steffen andreas.steffen at strongswan.org
Thu Nov 4 22:18:16 CET 2010

Hello Andris,

a network diagram and the ipsec.conf files on both sides would help!



On 11/04/2010 06:23 PM, Andris Lismanis wrote:
> Hi,
> I have managed to setup a tunnel between two hosts which are behind
> firewalls (adsl routers). E.g. rw--adsl---internet---adsl--server (with
> one eth)----subnet. The problem is that I can ping and access the
> 'server' but cannot access any other hosts in the subnet. I have enabled
> ip forwarding in sysctl but with no luck. I can also see host addresses
> appearing in ARP cache when I try to ping other hosts from rw.
> Is there an option that I have not enabled? Do I need to use iptables to
> forward the packets forward and backward?
> Any help would be appriciated.
> Thanks,
> Andris Lismanis

Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)

More information about the Users mailing list