[strongSwan] OpenWRT. IPSec server

Sujoy sujoy.b at mindlogicx.com
Sat Jan 6 07:15:55 CET 2018 

Hi All,

We are able to connect to StrongSwan IPSec using LAN IP. But in the same 
system which is having Public IP with NAT trying to connect it says one 
connecting only. Connection could not establish.

Someone can please help me in solving this.


Thanks & Regards


On Thursday 04 January 2018 07:16 PM, Noel Kuntze wrote:
> Not on openwrt. But you need plaintext or AD like passwords in LDAP. Otherwise you can't auth with mschap(v2).
>
> On 04.01.2018 14:38, Giuseppe De Marco wrote:
>> Yes Noel and thank you, my question is:
>> Is there any experiences about running strongswan in openwrt as ikev2 server with mschap,radius,ldap auth backend?
>>
>> 2018-01-04 14:17 GMT+01:00 Noel Kuntze <noel.kuntze+strongswan-users-ml at thermi.consulting <mailto:noel.kuntze+strongswan-users-ml at thermi.consulting>>:
>>
>>      Hi,
>>
>>      `ipsec` is just a command line tool. It's not a daemon (or generally a service).
>>      Are there any open questions?
>>
>>      Kind regards
>>
>>      Noel
>>
>>      On 04.01.2018 14:14, Giuseppe De Marco wrote:
>>      > Hi and thank you Noel,
>>      > I meant to run ipsec and charon in the embedded openwrt router, I use dpd as well
>>      >
>>      >   # dead-peer detection to clear any "dangling" connections in case the client unexpectedly disconnects
>>      >   dpdaction=clear
>>      >   # If the tunnel has no traffic for this long (default 30 secs), Charon will send a dead peer detection packet. The value 0 means to not send such packets, relying on ordinary traffic, which will occur at least once an hour, which is the default rekeying lifetime.
>>      >   dpddelay=33s
>>      >   #  DPD Retries : 3
>>      >   dpdtimeout=300s
>>      >
>>      > Running strongswan in a 18-70$ openwrt router is very usefull in many way
>>
>>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20180106/b2294f02/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cjkgkemjjdbabldn.png
Type: image/png
Size: 145464 bytes
Desc: not available
URL: <http://lists.strongswan.org/pipermail/users/attachments/20180106/b2294f02/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Sujoy.jpg
Type: image/jpeg
Size: 80526 bytes
Desc: not available
URL: <http://lists.strongswan.org/pipermail/users/attachments/20180106/b2294f02/attachment-0001.jpg>

More information about the Users mailing list