[strongSwan] Telnet over a tunnel using Local IP (rather than Public IP)

Anupam Malhotra anupam.malhotra at u2opiamobile.com
Wed Dec 21 06:23:58 CET 2011

Hi All


We have successfully established a tunnel from a server hosted in the cloud to a
remote server. On executing "ipsec status", we can see the "IPsec SA
established" message. The cloud server has a local IP (say xl.xl.xl.xl) and
we have also assigned a public IP (xp.xp.xp.xp) to this cloud server. The
remote server has an IP of, say, xr.xr.xr.xr. The remote server's firewall
allows requests from xp.xp.xp.xp (public IP). Requests from any other IP are
blocked in the firewall.


Now, when we do a telnet or ping to the remote server from the local server,
it times out without any response. The reason is that the remote server's
firewall sees the request coming from the cloud server's local IP
(xl.xl.xl.xl) and the firewall does not allow requests from this IP. The
firewall allows only the public IP (xp.xp.xp.xp). Since the tunnel is
successfully established, shouldn't the telnet or ping take the public IP
(rather than the local IP)?


Any help would be really appreciated.


Best Regards

Anupam Malhotra
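Added example (not from the post or from the strongSwan project): IPsec does not
rewrite the inner source address, so the remote peer sees whatever the packet
carried when it entered the tunnel, i.e. xl.xl.xl.xl. One common way to make the
cloud host's traffic enter the tunnel as xp.xp.xp.xp, when that address is only
mapped to the host by the provider's NAT and not configured on an interface, is
to negotiate the public IP as the local traffic selector and SNAT to it before
IPsec processing. The connection name "cloud-to-remote", the use of a
pre-shared key and the placeholder addresses are assumptions; everything else
is standard ipsec.conf syntax.

```ini
# /etc/ipsec.conf on the cloud server (illustrative, addresses are the
# placeholders from the post)
config setup

conn cloud-to-remote
    keyexchange=ikev2
    # pre-shared key is an assumption; certificates work the same way
    authby=secret
    # address actually configured on the cloud host's interface
    left=xl.xl.xl.xl
    # identity the remote peer sees/expects: the public (NATed) address
    leftid=xp.xp.xp.xp
    # local traffic selector: only packets sourced from the public IP
    # are matched by the IPsec policy, so they must carry it already
    leftsubnet=xp.xp.xp.xp/32
    right=xr.xr.xr.xr
    rightid=xr.xr.xr.xr
    rightsubnet=xr.xr.xr.xr/32
    auto=start
```

The matching NAT rule on the cloud host, which rewrites the source of
locally generated packets bound for the remote server before the kernel's
IPsec output policy lookup (Linux re-runs that lookup after SNAT), is
`iptables -t nat -A POSTROUTING -s xl.xl.xl.xl -d xr.xr.xr.xr -j SNAT --to-source xp.xp.xp.xp`.
Conntrack reverses the translation on the decrypted replies. Two checks worth
doing: "ipsec statusall" (or "ip xfrm policy") should show the installed policy
as xp.xp.xp.xp/32 === xr.xr.xr.xr/32, and the cloud provider must forward
UDP/500, UDP/4500 and ESP from xp.xp.xp.xp to the instance. Without the
NAT rule, a ping from xl.xl.xl.xl simply does not match the policy and
leaves the host unencrypted, which is consistent with the timeout described
above.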

