[strongSwan] vpn connection brings down local connections

Chris Purves chris at northfolk.ca
Thu Mar 29 14:50:43 CEST 2018


On 2018-03-26 3:46 PM, Noel Kuntze wrote:
> On 26.03.2018 19:42, Chris Purves wrote:
>> I have a windows client that I want to connect to the gateway and only the gateway.  The gateway is behind a router (so is the client, for that matter).  I can connect to the gateway, but once the vpn connection is made, the gateway is no longer available on the local network.
>>
>>
>> ipsec.conf:
>>
>> config setup
>>          charondebug="ike 1, knl 1, cfg 0"
>>          uniqueids = no
>>
>> conn ikev2-vpn
>>      auto=add
>>      keyexchange=ikev2
>>      forceencaps=yes
>>      dpdaction=clear
>>      dpddelay=300s
>>      rekey=no
>>      left=192.168.200.105
>>      leftsubnet=0.0.0.0/0
>>      leftid=@vesuvius.picomole.com
>>      leftcert=/etc/ipsec.d/certs/vpn-server-cert.pem
>>      leftsendcert=always
>>      right=%any
>>      rightid=%any
>>      rightauth=eap-mschapv2
>>      rightsourceip=192.168.200.200/28
>>      rightsubnet=0.0.0.0/0
>>      rightsendcert=never
>>      eap_identity=%identity
>>
 > Remove the rightsubnet setting, it's wrong.
 >

Thanks, Noel!  Your terse response has solved my problem.

-- 
Chris Purves

"...he was right in front of me trying to block my way, so I took him 
out." - Jean Chrétien


More information about the Users mailing list