[strongSwan] problem with identical local peers addresses of two clients
Hendl Stephan
stephan.hendl at landtag.brandenburg.de
Fri Jan 18 07:39:59 CET 2019
Hi Tobias,
we are using radius authentication with user certificates.
rightauth=eap-radius
rightgroups="VPN_Verw"
"VPN_Verw" is the Radius Class-Attribut.
Regards,
Stephan
-----Ursprüngliche Nachricht-----
Von: Tobias Brunner <tobias at strongswan.org>
Gesendet: Donnerstag, 17. Januar 2019 15:26
An: Hendl Stephan <stephan.hendl at landtag.brandenburg.de>; 'users at lists.strongswan.org' <users at lists.strongswan.org>
Betreff: Re: [strongSwan] problem with identical local peers addresses of two clients
Hi Stephan,
> we’ve two windows 10 clients which got the identical IP-address from
> their dsl router at home. Now they are fighting against each other in
> catching the vpn tunnel. Is there a way to fix that beside reconfiguring
> the home router?
What type of authentication are you using? It seems the SAs are deleted
based on the IKE identity (which apparently is the private IP address
here). Using a different authentication method might force Windows to
use the actual identity of the user/certificate and not the IP address.
Regards,
Tobias
More information about the Users
mailing list