[strongSwan] Roadwarrior VPN same subnet
Felipe Arturo Polanco
felipeapolanco at gmail.com
Sun Dec 22 17:12:36 CET 2019
Hi,
Please share with us your Strongswan configuration, $ iptables-save
output and $ ip xfrm policy output
Also, a brief description of which network/host needs to ping which
network/host. eg: 172.16.20.14 needs to ping 10.0.10.50 over the VPN
server at 172.16.20.1
On Sat, Dec 21, 2019 at 12:37 AM Dušan Ilić <dusan at comhem.se> wrote:
>
>
>
> ---- Dušan Ilić wrote ----
>
> Hi,
>
>
> I have configured a roadwarrior ikev2 strongswan setup with DHCP.
>
> Everything works when I assign the dhcp scope a separate subnet, but when I assign IPs from the same subnet it doesn't work. The strange thing is that the client can still connect and the gateway and other local clients can reach the VPN client with ping, but not the other way around. So the client responds to pings, but cannot itself ping or reach anything.
>
>
> I have checked iptables rules, routing tables and nat. Everything looks just fine. Also farp plugin is enabled.
>
>
> Do anyone recognize this behavior, if not, how should I go about troubleshooting this?
More information about the Users
mailing list