[strongSwan] IPsec connections between a pair of clients (behind the same NAT) and a server

Vijaya Venkatachalam vijaya.venkatachalam at gmail.com
Sat Apr 15 10:44:27 CEST 2017


I am new to strongswan and I am trying to establish connection from my
laptop to a server.
I am behind a NAT.
This IPsec connection gets established and I can send traffic back and
forth between the client and the server.

Now when I try to connect to the server from another laptop (also behind
the same NAT) without IPsec, I cannot connect to it because the server sees
the same IP coming out of the NAT and so applies the policy to encrypt the
response being sent by the server to the client. And the client doesn't
know how to decrypt the response and hence the connection fails.

So I decided to establish another IPsec connection from my second laptop to
the server.
But I am not able to do that. Now is this because the NAT is sending the
same IP for both the clients behind it? And so I cannot establish IPsec
connection to the same server from two different clients which are behind
the same NAT?

Is there anyway for establishing IPsec with the two clients behind a NAT?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170415/1523f5bb/attachment.html>

More information about the Users mailing list