[strongSwan] After connection, the external IP address does not change
Moataz Elmasry
moataz.elmasry2 at gmail.com
Thu Jan 5 16:11:55 CET 2017
Hi all,
I just setup strongswan server/client. The connection is established
successfully, but the external IP address does not change. I thought
that setting leftsubnet on the client and rightsubnet on the server to
0.0.0.0/0 forces all traffic to go through the created srongswan
interface. The server is a
digitalocean instance and the client is my local machine (behind NAT)
Here are my configuration:
Server ipsec.conf:
config setup
charondebug="cfg 7, esp 4, dmn 4, mgr 4, ike 3"
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
conn pubkey
left=myserver.com
leftsubnet=10.1.0.0/16
leftfirewall=yes
leftcert=vpnHostCert.der
leftauth=pubkey
leftsendcert=always
right=%any
rightsendcert=never
rightsourceip=10.3.0.0/16
rightdns=8.8.8.8,2001:4860:4860::8888
rightauth=eap-md5
rightsubnet=0.0.0.0/0
auto=add
And client ipsec.conf
config setup
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
conn pubkey
keyexchange=ikev2
left=%defaultroute
leftsourceip=%config
leftauth=eap
leftfirewall=yes
leftid=carol
leftsubnet=0.0.0.0/0
right=myserver.com
auto=add
rightauth=pubkey
rightca="C=DE, O=Contensi, CN=myserver.com
rightsubnet=10.1.0.0/16
rightsubnet=0.0.0.0/0
Any idea what am I doing wrong?
Thanks and regards,
Noataz
More information about the Users
mailing list