Hi all,
I’m trying to create a configuration that provides both IPv4 and IPv6 to connected clients and routes all traffic through the VPN server.
The configuration below works wel with Strongswan for Android but causes iOS on the iPhone to disconnect immediately (after what Strongswan believes to be a successful connection setup).
Once I comment out the IPv6 parts of leftsubnet and rightsourceip iOS connects without issue. Any ideas as to what iOS might not like about this configuration? Is anyone else successfully serving both IPv4 and IPv6 to iOS clients?
conn eap-peap
left=123.123.123.123
leftid=vpn.server.com
leftcert=cert.pem
leftupdown=/usr/lib/ipsec/updown.sh
leftsendcert=always
leftauth=pubkey
right=%any
leftsubnet=0.0.0.0/0,2000::/3
rightsourceip=10.0.0.0/24,2123:1:1:1:0:3::/96
rightdns=10.0.0.1,10.0.0.2
rightauth=eap-radius
rightsendcert=never
eap_identity=%identity
rekey=no
reauth=no
keyexchange=ikev2
fragmentation=yes
auto=add
Thanks and regards,
Niels