routing/firewall

Christian Huldt christian at solvare.se
Mon Dec 9 12:28:48 CET 2013

I have one (old) openswan gateway with ipsec-psk and l2tp and one
strongswan 5.1.1 with ikev1 with certificates for users to connect to.

I must however be doing something wrong as users connected to strongswan
cannot connect to the internet, while users connected to openswan have no
problems at all.

Apart from the ipsec implementation most things are equal, including the
firewall rules - in fact, strongswan replaces openswan that worked just
like the remaining openswan gateway.

tcpdump shows packets going out but not coming in, IPs are provided by
dhcp for strongswan, while openswan has a separate subnet...

What is the best way to debug this?

