[strongSwan] net-net sample can not work on ubuntu14.04

Noel Kuntze noel at familie-kuntze.de
Mon May 4 12:01:16 CEST 2015 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello,

Did you follow the guide for forwarding[1]?

[1] https://wiki.strongswan.org/projects/strongswan/wiki/ForwardingAndSplitTunneling

Mit freundlichen Grüßen/Regards,
Noel Kuntze

Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658

Am 04.05.2015 um 11:25 schrieb zhuyj:
> Hi,
> 
> Are you using psk or certificate to auth?
> 
> Best Regards!
> Zhu Yanjun
> On 05/04/2015 05:18 PM, zhuyj wrote:
>> Hi, Bernhard
>>
>> Your problem is the same with mine.
>>
>> Best Regards!
>> Zhu Yanjun
>>
>> On 05/04/2015 05:00 PM, Bernhard Marx wrote:
>>> Hi Zhu,
>>>
>>> no problem. I wish I would have :-)
>>> But moon and sun is connected via public networks? 
>>> This is my scenario:
>>>
>>> 192.168.2.0/24 <http://192.168.2.0/24> <=> 192.168.2.1 hardware router xx.xx.xx.xx (public IP from provider) <=> Internet <=> public IP on eth0 192.168.120.125 <=> 192.168.120.0/24 <http://192.168.120.0/24> on eth1
>>>
>>> I can ping from 192.168.120.125 to 192.168.2.1 and vice versa - but I can not reach any devices in the subnet...
>>>
>>> Regards
>>> Bernhard
>>>
>>>
>>> 2015-05-04 10:51 GMT+02:00 zhuyj <mounter625 at 163.com <mailto:mounter625 at 163.com>>:
>>>
>>>     Sorry. I thought your solve this problem already. 
>>>     Do you think that it is related with psk or pubkey? I mean that strongswan can support auth-based certificate very well.
>>>     Maybe there is something wrong with psk auth?
>>>
>>>     Zhu Yanjun
>>>
>>>
>>>     On 05/04/2015 04:45 PM, zhuyj wrote:
>>>>     Hi, Marx
>>>>
>>>>     Please let me know how to solve this problem.
>>>>
>>>>     Thanks a lot.
>>>>     Zhu Yanjun
>>>>
>>>>     On 05/04/2015 04:22 PM, Bernhard Marx wrote:
>>>>>     Dear Zhu,
>>>>>
>>>>>     I think I have the issue... as send a request to mail list yesterday...
>>>>>
>>>>>     Feedback I received is to check the routing of packets... but I cant identify the issue...
>>>>>
>>>>>     Regards
>>>>>     Bernhard
>>>>>
>>>>>     2015-05-04 10:17 GMT+02:00 zhuyj <mounter625 at 163.com <mailto:mounter625 at 163.com>>:
>>>>>
>>>>>         Hi, all
>>>>>
>>>>>         I followed this link: http://www.strongswan.org/uml/testresults/ikev2/net2net-psk/
>>>>>
>>>>>         I configured 4 vmare hosts. The hosts are ubuntu14.04.
>>>>>
>>>>>         The network topology is as below.
>>>>>
>>>>>         10.1.0.10 <---->10.1.0.1 (moon) 192.168.0.1<----->192.168.0.2 (sun) 10.2.0.1<---->10.2.0.10
>>>>>
>>>>>         strongswan is 5.1.2.
>>>>>
>>>>>         >From this link: http://www.strongswan.org/uml/testresults/ikev2/net2net-psk/, after a vpn tunnel is created,
>>>>>         I ran "ping 10.2.0.10" on clinet 10.1.0.10. But I can not get any reply from 10.2.0.10.
>>>>>
>>>>>         I can find the icmp packets into moon. But moon will not forward these icmp packets.
>>>>>
>>>>>         I exactly followed this link http://www.strongswan.org/uml/testresults/ikev2/net2net-psk/, but I can not get
>>>>>         the same test result with this link.
>>>>>
>>>>>         Does any one have the similar experience?
>>>>>
>>>>>         Any reply is appreciated.
>>>>>
>>>>>         Thanks a lot.
>>>>>         Zhu Yanjun
>>>>>
>>>>>
>>>>>         _______________________________________________
>>>>>         Users mailing list
>>>>>         Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>
>>>>>         https://lists.strongswan.org/mailman/listinfo/users
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>     _______________________________________________
>>>>>     Users mailing list
>>>>>     Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>
>>>>>     https://lists.strongswan.org/mailman/listinfo/users
>>>>
>>>>
>>>>
>>>>     _______________________________________________
>>>>     Users mailing list
>>>>     Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>
>>>>     https://lists.strongswan.org/mailman/listinfo/users
>>>
>>>
>>
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.strongswan.org
>> https://lists.strongswan.org/mailman/listinfo/users
> 
> 
> 
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJVR0NoAAoJEDg5KY9j7GZYRSQQAI/eJvIQy91JxZbtNasmhTpI
Rf1bC4POxEV8KGqtkWq0hPd4u8MNWJR7OPo6G3upWx//V25Ajxm0wfpfVQnuOS7H
dgzIW8NbKrwte+8WGwpHEnAY/F5Nl9tx4cVOWzU0iGFs+eXpGWqL/VHfIBLNpReC
Wpi75M7gpvu630weEWSTcgAvPis5eFou2YlEQ0wIbSWGEaV+txZ1LSlMGRc90Qnr
Cp+lWeE9T/Jpge3XOxHZDCuonbkc+t6qF1LsnIidyPJxP6NN/URCtOfLPBWuvwrl
a6KPN5xici69kMnEGq8eeztvNNh7WK/FXbuMnfhM9Z1yroNPOFJSUzC7NsyV6fLb
MQMWFoT7F4ykj0gVCwOI32z0qaQSiNWnBWpOAy4qSN6OXGdHjY+pVSosWoLbItoq
LMqmV0XtTQW1p4wV9oLsCaDkC7eFAIEy83+5KOGFlzXfzsnDTKUKAdw0v1XVbQoC
gP+4NNoKRi7nYcPI1odgjs0yAu5BZPaehvVJRh4Ev/YELi0Rk78PMrUCyEEC7G2O
0mcynJEkT69SqBWYru6UfbyiVpw2WDAYfBROmW9HkJVs6gcDvF67buRTaTFJaTMw
pszJbHsQEEsK03VScfNqJo2itg2z1tM5KdBFW4ggKlJb7bW4sENngYP3VWudOL68
ezg55ccbOUPhS95nN6OD
=EYhL
-----END PGP SIGNATURE-----

More information about the Users mailing list