[strongSwan] vpn connection brings down local connections
Chris Purves
chris at northfolk.ca
Thu Mar 29 14:50:43 CEST 2018
On 2018-03-26 3:46 PM, Noel Kuntze wrote:
> On 26.03.2018 19:42, Chris Purves wrote:
>> I have a windows client that I want to connect to the gateway and only the gateway. The gateway is behind a router (so is the client, for that matter). I can connect to the gateway, but once the vpn connection is made, the gateway is no longer available on the local network.
>>
>>
>> ipsec.conf:
>>
>> config setup
>> charondebug="ike 1, knl 1, cfg 0"
>> uniqueids = no
>>
>> conn ikev2-vpn
>> auto=add
>> keyexchange=ikev2
>> forceencaps=yes
>> dpdaction=clear
>> dpddelay=300s
>> rekey=no
>> left=192.168.200.105
>> leftsubnet=0.0.0.0/0
>> leftid=@vesuvius.picomole.com
>> leftcert=/etc/ipsec.d/certs/vpn-server-cert.pem
>> leftsendcert=always
>> right=%any
>> rightid=%any
>> rightauth=eap-mschapv2
>> rightsourceip=192.168.200.200/28
>> rightsubnet=0.0.0.0/0
>> rightsendcert=never
>> eap_identity=%identity
>>
> Remove the rightsubnet setting, it's wrong.
>
Thanks, Noel! Your terse response has solved my problem.
--
Chris Purves
"...he was right in front of me trying to block my way, so I took him
out." - Jean Chrétien
More information about the Users
mailing list