[strongSwan] A little help with the configuration
MOSES KARIUKI
kariukims at gmail.com
Mon Apr 1 07:56:10 CEST 2019
You need to set “sysctl net.ipv4.ip_forward=1” on the host running
Strongswan.
On Thu, Mar 28, 2019 at 6:25 PM xalloc <xalloc at protonmail.com> wrote:
> Sorry if I didn't explain properly this part in the OP, the gateway is an
> hardware firewall. We use its IPSEC.
> So no way to set that system value.
>
>
> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
> Il giovedì 28 marzo 2019 16:13, Brian Colby <brian.g.colby at gmail.com> ha
> scritto:
>
>
> Did you add “sysctl net.ipv4.ip_forward=1” on the gateway, as described
> on the page I sent?
>
> On Mar 28, 2019, at 02:23, xalloc <xalloc at protonmail.com> wrote:
>
> Do you mean forwarding client-side? I can't setup that, clients use both
> Windows and Linux, I need to provide them only the strongswan
> configuration. Everything should be handled only by Strongswan and the
> Gateway.
>
> Am I missing something on the page you linked?
>
>
>
> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
> Il mercoledì 27 marzo 2019 17:25, Brian Colby <brian.g.colby at gmail.com>
> ha scritto:
>
>
> Hi Xalloc,
>
> If you’re connecting but not passing traffic, you may not have forwarding
> setup properly. Have you checked out this page?
> https://wiki.strongswan.org/projects/strongswan/wiki/ForwardingAndSplitTunneling
>
> R/s,
> Brian
>
> On Mar 27, 2019, at 02:48, xalloc <xalloc at protonmail.com> wrote:
>
> Any kind soul please?
>
>
> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
> March 18 2019 10:18, xalloc <xalloc at protonmail.com> wrote:
>
> Hello, I'm setting up swanctl configuration file to connect to my company
> VPN but I'm missing something.
>
> [...]
>
> From those messages seems it can connect but when I ping something (even
> DNS) nothing works.
>
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20190401/f9eb8805/attachment.html>
More information about the Users
mailing list