[strongSwan] NAT configuration error with iPhone

Assaf Gordon gordon at cshl.edu
Thu Dec 1 01:13:09 CET 2011


Hello,

I've set up strongswan for iOS devices based on the Wiki instructions.
The VPN connection works well.

The iPhone device gets an IP of 10.0.0.2 (based on the Wiki conf example), but then can't access the "internal" network.

I'm sure it's just a configuration thing that I'm missing - but I'm not sure what.

I've added the following to the "strongswan.conf":
===
pluto {
  dns1 = 140.10.20.30  # the DNS in the "internal" network
}
===
(while the Wiki has "192.168.0.1" - I assume I should use my actual DNS).

But running "wireshark" on the desktop (when trying to view a website on the iPhone), I see UDP/DNS datagrams with source IP 10.0.0.2 and destination IP of 140.10.20.30 - so obviously that wouldn't work.

I'm missing some software configuration that would translate (NAT?) the VPN'd IP to the "internal" network IP.

I'm not even sure if it's part of strongswan or an external program (iptables+masquerading?).

Any pointers would be appreciated.

Thanks,
 -gordon



