[strongSwan] net-net sample can not work on ubuntu14.04
zhuyj
mounter625 at 163.com
Mon May 4 11:25:05 CEST 2015
Hi,
Are you using psk or certificate to auth?
Best Regards!
Zhu Yanjun
On 05/04/2015 05:18 PM, zhuyj wrote:
> Hi, Bernhard
>
> Your problem is the same with mine.
>
> Best Regards!
> Zhu Yanjun
>
> On 05/04/2015 05:00 PM, Bernhard Marx wrote:
>> Hi Zhu,
>>
>> no problem. I wish I would have :-)
>> But moon and sun is connected via public networks?
>> This is my scenario:
>>
>> 192.168.2.0/24 <http://192.168.2.0/24> <=> 192.168.2.1 hardware
>> router xx.xx.xx.xx (public IP from provider) <=> Internet <=> public
>> IP on eth0 192.168.120.125 <=> 192.168.120.0/24
>> <http://192.168.120.0/24> on eth1
>>
>> I can ping from 192.168.120.125 to 192.168.2.1 and vice versa - but I
>> can not reach any devices in the subnet...
>>
>> Regards
>> Bernhard
>>
>>
>> 2015-05-04 10:51 GMT+02:00 zhuyj <mounter625 at 163.com
>> <mailto:mounter625 at 163.com>>:
>>
>> Sorry. I thought your solve this problem already.
>> Do you think that it is related with psk or pubkey? I mean that
>> strongswan can support auth-based certificate very well.
>> Maybe there is something wrong with psk auth?
>>
>> Zhu Yanjun
>>
>>
>> On 05/04/2015 04:45 PM, zhuyj wrote:
>>> Hi, Marx
>>>
>>> Please let me know how to solve this problem.
>>>
>>> Thanks a lot.
>>> Zhu Yanjun
>>>
>>> On 05/04/2015 04:22 PM, Bernhard Marx wrote:
>>>> Dear Zhu,
>>>>
>>>> I think I have the issue... as send a request to mail list
>>>> yesterday...
>>>>
>>>> Feedback I received is to check the routing of packets... but I
>>>> cant identify the issue...
>>>>
>>>> Regards
>>>> Bernhard
>>>>
>>>> 2015-05-04 10:17 GMT+02:00 zhuyj <mounter625 at 163.com
>>>> <mailto:mounter625 at 163.com>>:
>>>>
>>>> Hi, all
>>>>
>>>> I followed this link:
>>>> http://www.strongswan.org/uml/testresults/ikev2/net2net-psk/
>>>>
>>>> I configured 4 vmare hosts. The hosts are ubuntu14.04.
>>>>
>>>> The network topology is as below.
>>>>
>>>> 10.1.0.10 <---->10.1.0.1 (moon)
>>>> 192.168.0.1<----->192.168.0.2 (sun) 10.2.0.1<---->10.2.0.10
>>>>
>>>> strongswan is 5.1.2.
>>>>
>>>> >From this link:
>>>> http://www.strongswan.org/uml/testresults/ikev2/net2net-psk/,
>>>> after a vpn tunnel is created,
>>>> I ran "ping 10.2.0.10" on clinet 10.1.0.10. But I can not
>>>> get any reply from 10.2.0.10.
>>>>
>>>> I can find the icmp packets into moon. But moon will not
>>>> forward these icmp packets.
>>>>
>>>> I exactly followed this link
>>>> http://www.strongswan.org/uml/testresults/ikev2/net2net-psk/,
>>>> but I can not get
>>>> the same test result with this link.
>>>>
>>>> Does any one have the similar experience?
>>>>
>>>> Any reply is appreciated.
>>>>
>>>> Thanks a lot.
>>>> Zhu Yanjun
>>>>
>>>>
>>>> _______________________________________________
>>>> Users mailing list
>>>> Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>
>>>> https://lists.strongswan.org/mailman/listinfo/users
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Users mailing list
>>>> Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>
>>>> https://lists.strongswan.org/mailman/listinfo/users
>>>
>>>
>>>
>>> _______________________________________________
>>> Users mailing list
>>> Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>
>>> https://lists.strongswan.org/mailman/listinfo/users
>>
>>
>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20150504/8a30c7b7/attachment.html>
More information about the Users
mailing list