[strongSwan] l2tp/ipsec - same private ip address behind two different peers

tuarego da silva tuarego at yahoo.com
Sat Jan 31 22:58:08 CET 2015

Hello all,We have been using Strongswan to allow our users (students and teachers) to establish vpn sessions to our school. We choose to use IPSec/L2TP due windows and mac native clients... A few months ago we discovered that Strongswan does not support multiple clients behind same NAT address and was a big issue for us because we have students residences where many students try to connect at same time.Now we discovered another issue that is, Strongswan does not allow that two users behind different NAT ip addresses but with same private ip address connect at same time.In charon log we see:Jan 31 17:51:22 16[IKE] deleting duplicate IKE_SA for peer '' due to uniqueness policy

So before trying another solution for VPN we would like to ask if anybody knows if there is way to configure Strongswan in order to use transport mode (L2TP) and bypass this difficulties.Best,Pedro.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20150131/ce4cede5/attachment.html>

More information about the Users mailing list