[strongSwan] problem with identical local peers addresses of two clients
stephan.hendl at landtag.brandenburg.de
Fri Jan 18 07:39:59 CET 2019
we are using radius authentication with user certificates.
"VPN_Verw" is the Radius Class-Attribut.
Von: Tobias Brunner <tobias at strongswan.org>
Gesendet: Donnerstag, 17. Januar 2019 15:26
An: Hendl Stephan <stephan.hendl at landtag.brandenburg.de>; 'users at lists.strongswan.org' <users at lists.strongswan.org>
Betreff: Re: [strongSwan] problem with identical local peers addresses of two clients
> we’ve two windows 10 clients which got the identical IP-address from
> their dsl router at home. Now they are fighting against each other in
> catching the vpn tunnel. Is there a way to fix that beside reconfiguring
> the home router?
What type of authentication are you using? It seems the SAs are deleted
based on the IKE identity (which apparently is the private IP address
here). Using a different authentication method might force Windows to
use the actual identity of the user/certificate and not the IP address.
More information about the Users