[strongSwan] net-net sample can not work on ubuntu14.04

Bernhard Marx bernhard.marx at gmail.com
Mon May 4 11:00:18 CEST 2015 

Hi Zhu,

no problem. I wish I would have :-)
But moon and sun is connected via public networks?
This is my scenario:

192.168.2.0/24 <=> 192.168.2.1 hardware router xx.xx.xx.xx (public IP from
provider) <=> Internet <=> public IP on eth0 192.168.120.125 <=>
192.168.120.0/24 on eth1

I can ping from 192.168.120.125 to 192.168.2.1 and vice versa - but I can
not reach any devices in the subnet...

Regards
Bernhard


2015-05-04 10:51 GMT+02:00 zhuyj <mounter625 at 163.com>:

>  Sorry. I thought your solve this problem already.
> Do you think that it is related with psk or pubkey? I mean that strongswan
> can support auth-based certificate very well.
> Maybe there is something wrong with psk auth?
>
> Zhu Yanjun
>
>
> On 05/04/2015 04:45 PM, zhuyj wrote:
>
> Hi, Marx
>
> Please let me know how to solve this problem.
>
> Thanks a lot.
> Zhu Yanjun
>
> On 05/04/2015 04:22 PM, Bernhard Marx wrote:
>
> Dear Zhu,
>
>  I think I have the issue... as send a request to mail list yesterday...
>
>  Feedback I received is to check the routing of packets... but I cant
> identify the issue...
>
>  Regards
> Bernhard
>
> 2015-05-04 10:17 GMT+02:00 zhuyj <mounter625 at 163.com>:
>
>> Hi, all
>>
>> I followed this link:
>> http://www.strongswan.org/uml/testresults/ikev2/net2net-psk/
>>
>> I configured 4 vmare hosts. The hosts are ubuntu14.04.
>>
>> The network topology is as below.
>>
>> 10.1.0.10 <---->10.1.0.1 (moon) 192.168.0.1<----->192.168.0.2 (sun)
>> 10.2.0.1<---->10.2.0.10
>>
>> strongswan is 5.1.2.
>>
>> >From this link:
>> http://www.strongswan.org/uml/testresults/ikev2/net2net-psk/, after a
>> vpn tunnel is created,
>> I ran "ping 10.2.0.10" on clinet 10.1.0.10. But I can not get any reply
>> from 10.2.0.10.
>>
>> I can find the icmp packets into moon. But moon will not forward these
>> icmp packets.
>>
>> I exactly followed this link
>> http://www.strongswan.org/uml/testresults/ikev2/net2net-psk/, but I can
>> not get
>> the same test result with this link.
>>
>> Does any one have the similar experience?
>>
>> Any reply is appreciated.
>>
>> Thanks a lot.
>> Zhu Yanjun
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.strongswan.org
>> https://lists.strongswan.org/mailman/listinfo/users
>>
>
>
>
> _______________________________________________
> Users mailing listUsers at lists.strongswan.orghttps://lists.strongswan.org/mailman/listinfo/users
>
>
>
>
> _______________________________________________
> Users mailing listUsers at lists.strongswan.orghttps://lists.strongswan.org/mailman/listinfo/users
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20150504/206748b7/attachment.html>

More information about the Users mailing list