[strongSwan] configuring strongswan for windows with ikev2; not assigning gateway on windows machine
amrith.kumar at gmail.com
Sun Jul 22 00:23:16 CEST 2012
I'm new to strongSwan and have been working through setting it up for the
An Amazon EC2 instance running Ubuntu 12.04
A Windows 7 PC
strongSwan is configured and running on the server. Authentication of the
client is by certificate (which has been quite an experience) and I've
managed to get all that straightened out and on the Windows PC I can click
"connect" on the VPN and it authenticates and connects.
Then it says "No internet access" on the VPN.
What I see on Windows is this:
1. there's no route that will send all traffic down the VPN.
2. there's no interface being created (that I can tell) on the server side
that responds to pings for what I believe will be the server's side of the
3. ipconfig /all on Windows shows that the default gateway for the VPN
interface is 0.0.0.0
As my server is itself an EC2 instance (and therefore its public IP is
unknown), how does one go about instructing strongSwan and Windows of this
The how-tos and information on the strongSwan wiki seem to deal with
configurations where there is a static IP on the server side, a luxury I
don't have. Yes, I could get an Elastic IP from Amazon but I'm looking for a
solution that doesn't require that if possible. With PPTP (as a comparison),
I could merely say:
and enable ip_forward and things work out fine ...
My ipsec.conf is this:
# ipsec.conf - strongSwan IPsec configuration file
leftid="C=US, ST=MA, O=PE, CN=vpn.<domain>.com, E=<email>"
rightid="C=US, ST=MA, O=PE, CN=my-laptop, E=<email>"