[strongSwan] Can NOT Ping private client IP from Strongswan VPN server

MOSES KARIUKI kariukims at gmail.com
Mon Feb 25 12:24:39 CET 2019

Hello Tobias,

I managed to pick ** from the server, after restarting StrongSwan
from the client. However, I cant telnet port 80, might be a port
forwarding issue. One question, I would like to ask is, how come the VPN
server never gets assigned a private IP?
What can I ping on the server from the client apart from the server's
public IP that can be used to ascertain the VPN connection?

As always, thanks a lot for your help.

Moses K

On Mon, Feb 25, 2019 at 1:50 PM Tobias Brunner <tobias at strongswan.org>

> Hi Moses,
> > Security Associations (1 up, 0 connecting):
> >    ikev2-vpn[21]: ESTABLISHED 41 minutes ago,  102.1*9.2**.***[
> > 102.1*9.2**.***]... 185.135.*.** [remoteprivate]
> >    ikev2-vpn[21]: IKEv2 SPIs: 0338f500edc84652_i 1ae30618408f64a4_r*,
> > rekeying disabled
> >    ikev2-vpn[21]: IKE proposal:
> > AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
> You don't have any CHILD_SAs established.  Check the logs.
> Regards,
> Tobias
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20190225/3d65edb5/attachment.html>

More information about the Users mailing list