[strongSwan] Android client + connection to strongswan server issue

Lance Blais lance.blais at codeartifacts.com
Wed Sep 18 17:35:42 CEST 2013


Seems like it:

The command: sysctl net.ipv4.ip_forward

returns:
net.ipv4.ip_forward = 1

On Wed, Sep 18, 2013 at 11:31 AM, Paton, Andy <andy.paton at hp.com> wrote:
> Have you got IP forwarding enabled on your Gateway?
>
> Regards,
>
> Andy Paton - Bsc. (Hons), MBCS
> Innovation Engineer
>
> andy.paton at hp.com
>
>
>
> -----Original Message-----
> From: users-bounces+andy.paton=hp.com at lists.strongswan.org [mailto:users-bounces+andy.paton=hp.com at lists.strongswan.org] On Behalf Of Lance Blais
> Sent: 18 September 2013 15:50
> To: users at lists.strongswan.org
> Subject: [strongSwan] Android client + connection to strongswan server issue
>
> Hey,
>
> I am trying to get the Android Strongswan client to connect to a strongswan server which I'm hosting.
>
> I've already made progress past a few cert / key issues and now the client says the connection is established, but I can't push traffic through from my device.
> As soon as I disable the tunnel, all is well.
>
> I am using EAP-MSCHAP to connect.
>
> What can I do to troubleshoot why this isn't working?
>
> Thanks, below are my files:
>
> # ipsec.conf - strongSwan IPsec configuration file
>
> config setup
>     plutostart=no
>
> conn %default
>     keyexchange=ikev2
>     ike=aes256-sha1-modp1024!
>     esp=aes256-sha1!
>     dpdaction=clear
>     dpddelay=300s
>     rekey=no
>
> conn android
>     left=%defaultroute
>     leftsubnet=0.0.0.0/0
>     leftauth=pubkey
>     leftcert=vpnCert.der
>     leftfirewall=yes
>     right=%any
>     rightsourceip=10.11.1.0/24
>     rightauth=eap-mschapv2
>     rightsendcert=never
>     eap_identity=%any
>     auto=add
>
>
> ##################
>
> # /etc/ipsec.secrets - strongSwan IPsec secrets file
>
> : RSA vpnKey.der
>
> carol : EAP "abcd1234"
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users



-- 
Lance Blais
Software Developer - Security, Web & Mobile
http://blog.codeartifacts.com




More information about the Users mailing list