[strongSwan] UPnP/DLNA over IPsec

Niccolò Belli darkbasic at linuxsystems.it
Mon Mar 25 11:10:07 CET 2013


Hi,
Thanks for your answer. Unfortunately I can't make it work, here is my 
ipsec.conf entry:

conn server-android
         keyexchange=ikev2
         authby=rsasig
         left=<server_public_ip>
         leftsubnet=192.168.2.0/24,239.255.255.250/32
         leftcert=
         leftid=
         leftrsasigkey=%cert
         right=%any
         rightsourceip=192.168.2.40
         rightid=
         rightrsasigkey=%cert
         type=tunnel
         auto=add


The client is an Android phone with the Strongswan app.


Firewall rules in the server:

iptables -A FORWARD -m policy --dir in --pol ipsec --mode tunnel -j ACCEPT
iptables -A FORWARD -m policy --dir out --pol ipsec --mode tunnel -j ACCEPT
iptables -A FORWARD -i eth2 -o nas0 -j ACCEPT
iptables -A FORWARD -o eth2 -i nas0 -j ACCEPT


Routes:

ip route add 192.168.2.40/32 via <P-t-P> dev nas0  proto static  src 
<server_public_ip> table 220
ip route add 239.255.255.250/32 via <P-t-P> dev nas0  proto static  src 
<server_public_ip> table 220


SSDP doesn't still work, what's the problem?

Thanks,
Niccolò

-- 
http://www.linuxsystems.it




More information about the Users mailing list