[strongSwan] How to access the service on the server which act as the VPN Gateway as well?

Martin Willi martin at strongswan.org
Mon Nov 24 10:52:16 CET 2014

Hi Aries,

> The VPN is using IKEv2 and the connections between clients and server
> established successfully. The clients are assigned virtual IPs drawn
> from a pool. The clients can also access each other through
> the tunnel without a problem. However I notice that the server itself
> which acts as the VPN Gateway does not have a virtual IP address.

No, strongSwan does not automatically assign an address from that pool
to your local host. You can do this manually, though, just make sure it
is routable/accessible over the tunnel, and it doesn't conflict with
addresses actually handed out from the pool.

You may install such an address as an additional one to your primary
interface, or for better protection create a dummy interface with
appropriate routes.


More information about the Users mailing list