[strongSwan] IPtables settings
Felipe Arturo Polanco
felipeapolanco at gmail.com
Mon Jan 13 15:36:37 CET 2020
Hi,
Please also send the content of /etc/ipsec.conf and/or /etc/swanctl.conf ,
/etc/swanctl/swanctl.conf , the file where you defined your site-to-site
settings.
On Mon, Jan 13, 2020 at 10:27 AM cristiant at newro.co <cristiant at newro.co>
wrote:
> Also it ipsec.conf file
>
> # basic configuration
> config setup
> charondebug="all"
> uniqueids=yes
> strictcrlpolicy=no
>
> # connection to paris datacenter
> conn totorum-to-camulodunum
> authby=secret
> left=%defaultroute
> leftid=111.111.111.45
> leftsubnet=172.16.11.0/24
> right=222.222.222.210
> rightsubnet=172.16.15.0/24
> ike=aes256-sha2_256-modp1024!
> esp=aes256-sha2_256!
> keyingtries=0
> ikelifetime=1h
> lifetime=8h
> dpddelay=30
> dpdtimeout=120
> dpdaction=restart
> auto=start
>
> On 1/13/20 4:15 PM, Felipe Arturo Polanco wrote:
>
> Hi,
>
> Please send us the following information:
>
> Strongswan configuration and
> Output of:
> iptables-save
> ip xfrm policy
> ip route show
> ip rule show
> ip address show
>
> Thanks,
>
>
> On Mon, Jan 13, 2020 at 10:13 AM cristiant at newro.co <cristiant at newro.co>
> wrote:
>
>> Hello,
>>
>> I am trying to set up a point-to-point VPN connection between two KVM
>> hosts running Ubuntu 18.04 LTS.
>>
>> For struggling fro more then a week to make it work but without success.
>>
>> The tunnel seams to be running but I cannot make the connection between
>> internal subenets.
>>
>> Can anyone tell me what iptables rules should I set?
>>
>> Thank you!
>>
>> Best regards!
>>
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20200113/d6eef955/attachment-0001.html>
More information about the Users
mailing list