[strongSwan] Cannot access certain websites from NetworkManager client
kc04bc at gmx.com
Fri Dec 23 18:50:00 CET 2016
Hi, I have strongSwan configured for road warrior use on CentOS 7,
roughly following this tutorial
I'm using two clients, the strongSwan Android app and the NetworkManager
plugin on Fedora 25.
It's working nicely for the most part, there's only one issue when using
the NetworkManager plugin---I cannot load https://github.com, I'm
getting the following message from cURL.
$ curl -v https://github.com
* Rebuilt URL to: https://github.com/
* Trying 220.127.116.11...
* TCP_NODELAY set
* Connected to github.com (18.104.22.168) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/ssl/certs/ca-bundle.crt
* NSS error -5961 (PR_CONNECT_RESET_ERROR)
* TCP connection reset by peer
* Curl_http_done: called premature == 1
* stopped the pause stream!
* Closing connection 0
curl: (35) TCP connection reset by peer
I don't see any error messages on the server and I don't think there's
anything wrong with my certificates, GitHub works fine when I'm not
using the VPN.
GitHub works fine on my Android device. So I suspect it's something to
do with my client configuration in the NetworkManager plugin. I'm using
a self-signed host certificate and "Certificate/private key" for client
authentication. I played around with the settings but I'm unable to fix
the problem. Has anyone seen a similar problem? What should I do to
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 819 bytes
Desc: OpenPGP digital signature
More information about the Users