[strongSwan] Connecting Multiple VPCs using StrongSwan with VPC VPN connections
yaronf.ietf at gmail.com
Mon Jan 13 12:09:28 CET 2014
I would bet you are missing a "forceencaps" directive, so that you'll
have ESP-over-UDP. I've seen it with StrongSwan and IKEv2, but I assume
it works similarly with IKEv1.
> Message: 1
> Date: Mon, 13 Jan 2014 09:43:40 +0530
> From: Supratik Goswami <supratiksekhar at gmail.com>
> Subject: [strongSwan] Connecting Multiple VPCs using StrongSwan with
> VPC VPN connections
> To: users at lists.strongswan.org
> <CANs4eSCrUFLkpfM8sH3wiJODvrasDst-eoXG132XDe1CuCLOdg at mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
> I am using multiple AWS accounts for production/test environments; each
> environment is running a VPC. I have configured Amazon VPC VPN connections
> in each of the VPCs. There is another AWS account in which I have
> StrongSwan in an EC2 instance.
> I am able to create the IPSec tunnels from the StrongSwan instance to the
> VPC VPN tunnels. When I check the "status" of the tunnels it shows all
> When I try to ping from the EC2 instance (running StrongSwan) to any EC2
> running in the other VPC it fails, but when I ping from the other end I am
> able to see the ICMP requests from the tcpdump but reply is not reaching
> back to those instances.
> Below is my ipsec.conf configuration.
> conn %default
> conn VPC-CUST-GW1
> conn VPC-CUST-GW2
> conn VPC-CUST-GW3
> conn VPC-CUST-GW4
> Can anyone help me to figure out what I am missing here?