[strongSwan] IPSec Host-to-Host connection + Virtual IP + own PKI.

Tobias Brunner tobias at strongswan.org
Wed Feb 17 16:10:36 CET 2016

Hi Rodrigo,

> However when I connect,
> the client machine gets the Virtual IP from the Server 
> but the server doesn't get a virtual IP.

There is no mutual assignment of virtual IPs via configuration payloads.
 Refer to [1] for details.

> This is what I'm looking for:
> +-----------+             +-----------+
> |   moon    |-------------|    sun    |
> +-----------+             +-----------+
> Public IP: 213.X.X.X      Public IP: 213.X.X.X
> After connection:
> Virtual IP:  Virtual IP:

Just install these IPs on any active interface of these hosts (could be
lo).  Then configure them in left|rightsubnet, no need to configure


[1] https://wiki.strongswan.org/projects/strongswan/wiki/VirtualIp

More information about the Users mailing list