[strongSwan] Android client + connection to strongswan server issue

Paton, Andy andy.paton at hp.com
Wed Sep 18 17:31:52 CEST 2013


Have you got IP forwarding enabled on your Gateway?

Regards,

Andy Paton - Bsc. (Hons), MBCS
Innovation Engineer

andy.paton at hp.com



-----Original Message-----
From: users-bounces+andy.paton=hp.com at lists.strongswan.org [mailto:users-bounces+andy.paton=hp.com at lists.strongswan.org] On Behalf Of Lance Blais
Sent: 18 September 2013 15:50
To: users at lists.strongswan.org
Subject: [strongSwan] Android client + connection to strongswan server issue

Hey,

I am trying to get the Android Strongswan client to connect to a strongswan server which I'm hosting.

I've already made progress past a few cert / key issues and now the client says the connection is established, but I can't push traffic through from my device.
As soon as I disable the tunnel, all is well.

I am using EAP-MSCHAP to connect.

What can I do to troubleshoot why this isn't working?

Thanks, below are my files:

# ipsec.conf - strongSwan IPsec configuration file

config setup
    plutostart=no

conn %default
    keyexchange=ikev2
    ike=aes256-sha1-modp1024!
    esp=aes256-sha1!
    dpdaction=clear
    dpddelay=300s
    rekey=no

conn android
    left=%defaultroute
    leftsubnet=0.0.0.0/0
    leftauth=pubkey
    leftcert=vpnCert.der
    leftfirewall=yes
    right=%any
    rightsourceip=10.11.1.0/24
    rightauth=eap-mschapv2
    rightsendcert=never
    eap_identity=%any
    auto=add


##################

# /etc/ipsec.secrets - strongSwan IPsec secrets file

: RSA vpnKey.der

carol : EAP "abcd1234"

_______________________________________________
Users mailing list
Users at lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users




More information about the Users mailing list