[strongSwan] UPnP/DLNA over IPsec
Niccolò Belli
darkbasic at linuxsystems.it
Mon Mar 25 11:10:07 CET 2013
Hi,
Thanks for your answer. Unfortunately I can't make it work, here is my
ipsec.conf entry:
conn server-android
keyexchange=ikev2
authby=rsasig
left=<server_public_ip>
leftsubnet=192.168.2.0/24,239.255.255.250/32
leftcert=
leftid=
leftrsasigkey=%cert
right=%any
rightsourceip=192.168.2.40
rightid=
rightrsasigkey=%cert
type=tunnel
auto=add
The client is an Android phone with the Strongswan app.
Firewall rules in the server:
iptables -A FORWARD -m policy --dir in --pol ipsec --mode tunnel -j ACCEPT
iptables -A FORWARD -m policy --dir out --pol ipsec --mode tunnel -j ACCEPT
iptables -A FORWARD -i eth2 -o nas0 -j ACCEPT
iptables -A FORWARD -o eth2 -i nas0 -j ACCEPT
Routes:
ip route add 192.168.2.40/32 via <P-t-P> dev nas0 proto static src
<server_public_ip> table 220
ip route add 239.255.255.250/32 via <P-t-P> dev nas0 proto static src
<server_public_ip> table 220
SSDP doesn't still work, what's the problem?
Thanks,
Niccolò
--
http://www.linuxsystems.it
More information about the Users
mailing list