[strongSwan] dhcp plugin: how to verify dhcp options forwarded to road warrior?

Harald Dunkel harri at afaics.de
Mon Apr 11 19:45:38 CEST 2016

On 04/11/16 16:24, Harald Dunkel wrote:
> Hi folks,
> Using IKEv2 to connect to MacOS 10.11.4:

PS: Sorry, this was misleading. Its a road warrior scenario
between a few MacOS laptops and a central strongswan
installation using IKEv2. The connections are initiated
only by the laptops. Strongswan uses the dhcp plugin to
obtain an IP address and DNS information.

> It seems that either the received DHCP options are not forwarded
> to the MacOS client, or the MacOS client ignores these options.
> Charon's log file entries show the DHCP discover and the received
> IP address and netmask, but it doesn't show which options are
> sent to the road warrior, and if this information is accepted
> or rejected.
> How can I verify? There are plenty of DNS related options in
> strongswan 5.3.4. Which options do I *really* have to set to
> make at least full DNS over IPsec work with MacOS?
> Every helpful comment is highly appreciated.
> Harri

Sorry for the confusion


More information about the Users mailing list