[strongSwan] Mobike on strongswan MAC OSX Client
pankaj razdan
pankajrazdan at yahoo.com
Wed Jul 29 14:52:38 CEST 2020
Hi Tobias,
Thanks you for your response.
Please see my response inline below.
Thanks,Pankaj
> I am facing issue with strongswan MAC OS X client which I have compiled
> from source.
>
> version
> --------------
> Starting IKE charon daemon (strongSwan 5.7.2dr2, Linux
> 4.15.0-112-generic, x86_64)
That seems to contradict what you wrote above (Linux != macOS). And why
use an old developers release?
<PR> Sorry my bad. I copied from linux system rather than from MAC. We have ported this version to both linux and MAC. We are planning to move to latest version in this quarter. There were few vpp plugins which we could leverage from this release.
> I am able to connect to server in road warrior scenario. When I switch
> wifi on my MAC laptop, source outer IP address (192.168.1.5) does not
> change for IKE SA.
If the "old" address is still available and a route leads to it, nothing
will change unless you force the daemon to ignore the current path by
enabling charon.prefer_best_path (depending on the routes, the path
might still not change).
<PR> Thank you. I made this change in strongswan.conf, it still did not work. So I changed route based on "new" address from CLI (route change cmd), then I could see outer IP changed to "new" IP. However, I could not see these packets in wireshark capture.
Jul 29 14:33:37 02[NET] error writing to socket: Can’t assign requested addressJul 29 14:33:37 14[IKE] <exd-1|1> path probing attempt 8Jul 29 14:33:37 14[IKE] <exd-1|1> ExC: get_source_addr for dst 32.2.4.18, src (null)Jul 29 14:33:37 14[IKE] <exd-1|1> ExC: get_route, 192.168.1.112
Jul 29 14:33:37 14[KNL] <exd-1|1> using 192.168.1.112 as address to reach 32.2.4.18Jul 29 14:33:37 14[IKE] <exd-1|1> checking path 192.168.1.112[4500] - 32.2.4.18[4500]Jul 29 14:33:37 14[NET] <exd-1|1> sending packet: sock: from 192.168.1.112[4500] to 32.2.4.18[4500] (96 bytes)Jul 29 14:33:37 14[IKE] <exd-1|1> ExC: get_source_addr for dst 192.168.124.100, src (null)Jul 29 14:33:37 14[IKE] <exd-1|1> ExC: get_route
I was wondering whether my approach is wrong or it is more of the system issue I am facing. All I am doing is switching wifi on my machine to test Mobike.
Regards,Pankaj
On Wednesday, July 29, 2020, 01:26:47 PM GMT+5:30, Tobias Brunner <tobias at strongswan.org> wrote:
Hi Pankaj,
> I am facing issue with strongswan MAC OS X client which I have compiled
> from source.
>
> version
> --------------
> Starting IKE charon daemon (strongSwan 5.7.2dr2, Linux
> 4.15.0-112-generic, x86_64)
That seems to contradict what you wrote above (Linux != macOS). And why
use an old developers release?
> I am able to connect to server in road warrior scenario. When I switch
> wifi on my MAC laptop, source outer IP address (192.168.1.5) does not
> change for IKE SA.
If the "old" address is still available and a route leads to it, nothing
will change unless you force the daemon to ignore the current path by
enabling charon.prefer_best_path (depending on the routes, the path
might still not change).
Regards,
Tobias
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20200729/017e82ec/attachment.html>
More information about the Users
mailing list