[strongSwan] After connection, the external IP address does not change
Noel Kuntze
noel at familie-kuntze.de
Tue Jan 10 22:13:03 CET 2017
Hello Moataz,
On 10.01.2017 18:49, Moataz Elmasry wrote:
> Client ipsec.conf:
>
> conn pubkey
> conn pubkey
> keyexchange=ikev2
> left=%defaultroute
> leftsourceip=%config
> leftauth=eap
> leftfirewall=yes
> leftid=sdfds23rfsdffddfddss
> leftsubnet=0.0.0.0/0
> right={MY_SERVER}
> auto=add
> rightauth=pubkey
> rightca="C=DE, O=MYORG, CN=MYDOMAIN"
> rightsubnet=10.1.0.0/16
That looks absurdly wrong. Specify rightsubnet=0.0.0.0/0 and leftsubnet=%dynamic or ommit it completely. Otherwise
claim to have the whole internet behind yourself and the remote side has 10.1.0.0/16 in this configuration. ;)
--
Mit freundlichen Grüßen/Kind Regards,
Noel Kuntze
GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 866 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170110/ec7c2168/attachment-0001.sig>
More information about the Users
mailing list