[strongSwan] Connection works, but no access to network
ghughes at iscinternational.com
Tue Jul 30 18:50:47 CEST 2013
Good morning, all!
I'm working on some bits of configuration for a production VPN. I have a
successful EAP-MSCHAPV2 connection from a test virtual server to my
Strongswan vpn server. However, I cannot access the network behind the VPN
server. I have enabled IP forwarding on the server. My test client still
shows traceroute ending at the VPN server.
Here is the traceroute:
C:\Users\Gregg Hughes>tracert 192.168.1.101
Tracing route to 192.168.1.101 over a maximum of 30 hops
1 156 ms 200 ms 34 ms 192.168.1.102
2 * * * Request timed out.
3 * * * Request timed out.
4 * * * Request timed out.
5 * * * Request timed out.
6 * * * Request timed out.
7 * * * Request timed out.
8 * * ^C
This VPN server has one virtual interface, 192.168.1.102. It will be opened
up via static NAT to the outside world. The internal networks are on the
same IP segment as the VPN server or accessible from that network. The host
firewall is disabled for testing.
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
iface lo inet loopback
# The primary network interface
iface eth0 inet static
# Add connections here.
lefthostaccess = yes
The lefthostaccess parameter was added today, with no change in behavior, as
were changes in the leftsourceip directive. The rightsourceip range is
good, with no address conflicts. The test client has no problem with the
I added another interface to see if there was any issue there, again, with
no change in behavior. I also researched ip route on the server, and
haven't found the answer there.
I'm pretty sure there's something easy here, but I must be overlooking it.
Many thanks for looking at this and any hints as to where to look to correct
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users