[strongSwan] Site-to-site where LAN subnet of each side is WireGuard
Nguyễn Hồng Quân
ng.hong.quan at gmail.com
Tue Feb 11 17:59:00 CET 2020
Update:
After I added this to each server:
iptables -t nat -I POSTROUTING -m policy --pol ipsec --dir out -j ACCEPT
I can ping Sun's WireGuard IP (192.168.18.1) from Moon and vice versa.
But I cannot ping other IPs in the WireGuard LAN yet (cannot ping
192.168.18.19 from Moon, even that the machine is up).
On Tue, Feb 11, 2020 at 11:48 PM Nguyễn Hồng Quân <ng.hong.quan at gmail.com>
wrote:
> Hi Noel
>
> Here are all the log and swanctl config (except the certificates).
> I create the connection config in /etc/swanctl/conf.d/, without modifying
> the default /etc/swanctl/swanctl.conf (keep it as original as packaged by
> Ubuntu 19.10).
>
> https://bitbucket.org/snippets/hongquan/ynzxjg
>
>
--
Quân
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20200211/22f19083/attachment.html>
More information about the Users
mailing list