[strongSwan] Routing
Christian Salway
christian.salway at naimuri.com
Fri Jul 27 10:36:46 CEST 2018
I have also tried setting the clients to use a 192.168.5.0/24 ip range and that doesnt work either :/
I suspect its something I'm missing with StrongSwan and setting a route back to the client ip.
> On 27 Jul 2018, at 07:18, Christian Salway <christian.salway at naimuri.com> wrote:
>
> Thanks, Jafar,
>
> That didn't solve it though.
>
> radius: #12, ESTABLISHED, IKEv2, 2f7f6a6d36925325_i 63ab06e78f39d832_r*
> local '***********' @ *********[4500]
> remote '192.168.0.31' @ *********[4500] EAP: 'christian.salway' [10.0.0.10]
> AES_CBC-256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
> established 0s ago, rekeying in 13009s
> passive: CHILD_CREATE IKE_AUTH_LIFETIME IKE_MOBIKE
> child_sa_1: #12, reqid 5, INSTALLED, TUNNEL-in-UDP, ESP:AES_CBC-256/HMAC_SHA2_256_128
> installed 0s ago, rekeying in 3491s, expires in 3960s
> in c4b386cb, 0 bytes, 0 packets
> out 066b00fc, 0 bytes, 0 packets
> local 10.0.0.0/20
> remote 10.0.0.10/32
>
> # ip r
> default via 172.31.16.1 dev eth0
> 10.0.0.0/22 via 172.31.16.1 dev eth0
> 10.0.0.0/20 via 172.31.48.1 dev eth1
> 172.31.16.0/20 dev eth0 proto kernel scope link src 172.31.21.144
> 172.31.48.0/20 dev eth1 proto kernel scope link src 172.31.51.247
>
>
> On my OSX
>
> $ netstat -nr
> Routing tables
>
> Internet:
> Destination Gateway Flags Refs Use Netif Expire
> default 192.168.0.1 UGSc 83 0 en0
> default link#13 UCSI 0 0 ipsec0
> 10/20 10.0.0.1 UGSc 1 0 ipsec0
> 10.0.0.1 10.0.0.1 UH 2 0 ipsec0
>
>
>> On 26 Jul 2018, at 23:00, Jafar Al-Gharaibeh <jafar at atcorp.com <mailto:jafar at atcorp.com>> wrote:
>>
>> ip route add 10.0.0.0/22 dev eth0 via 172.31.0.1
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20180727/f4a80365/attachment-0001.html>
More information about the Users
mailing list