[strongSwan] NAT configuration error with iPhone
gordon at cshl.edu
Thu Dec 1 01:13:09 CET 2011
I've setup strongswan for iOS devices based on the Wiki instructions.
The VPN connection works well.
The iPhone device gets an IP of 10.0.0.2 (based on the Wiki conf example), but then can't access the "internal" network.
I'm sure it's just a configuration thing that I'm missing - but I'm not sure what.
I've added the following to the "strongswan.conf":
dns1 = 220.127.116.11 # the DNS in the "internal" network
(while the Wiki has "192.168.0.1" - I assume I should use my actual DNS).
But running "wireshark" on the desktop (when trying to view a website on the iphone), I see UDP/DNS datagrams with source IP 10.0.0.2 and destination IP of 18.104.22.168 - so obviously that wouldn't work.
I'm missing some software configuration that would translate (NAT?) the VPN'd IP to the "internal" network IP.
I'm not even sure if it's part of strongswan or an external program (iptables+masquerading?).
Any pointers would be appreciated.
More information about the Users