[strongSwan] FreeBSD endpoints issue
Support SimpleRezo
simplerezo at gmail.com
Tue Feb 23 11:37:51 CET 2021
Hi
I have set up a strongSwan IPsec VPN tunnel between two hosts:
[LAN_A] <=> [HOST_A][PUBLIC_IP_A] <=> [PUBLIC_IP_B][HOST_B] <=> [LAN_B]
LAN_A: 192.168.1.0/24
LAN_B: 192.168.6.0/24
HOST_A route:
192.168.6.0/24 gw PUBLIC_IP_A
It's working: hosts on LAN_A can reach LAN_B hosts and vice versa.
But on the endpoints running strongSwan, I cannot reach the remote LAN unless I
specify the source address of the LAN.
host_A# ping 192.168.6.1
(no answer)
host_A# ping -S 192.168.1.254 192.168.6.1
(works)
That seems logical to me, because by default packets sent to the remote LAN are
using the route LAN_B gateway IP_PUBLIC_A, so the kernel is using IP_PUBLIC_A
as source (checked with tcpdump).
What do I need to set up to be able to reach the remote LAN from each peer
without specifying the source IP address?
Thanks for your help
--
Clement
SimpleRezo
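
The behaviour described in the message above, as an added example that is not part of the original post: a simplified Python model of source-address selection followed by the IPsec policy lookup on HOST_A. It assumes the tunnel's traffic selectors are LAN_A <=> LAN_B and uses a constructed documentation-range address in place of PUBLIC_IP_A; it is a model for illustration, not FreeBSD or strongSwan code.

```python
import ipaddress

# Constructed placeholder: the post only names this address as PUBLIC_IP_A.
PUBLIC_IP_A = ipaddress.ip_address("203.0.113.10")
# HOST_A's LAN-side address, taken from the "ping -S" line in the post.
LAN_A_ADDR = ipaddress.ip_address("192.168.1.254")
LAN_A = ipaddress.ip_network("192.168.1.0/24")
LAN_B = ipaddress.ip_network("192.168.6.0/24")

# Assumed outbound IPsec policy on HOST_A: (local selector, remote selector).
OUTBOUND_POLICIES = [(LAN_A, LAN_B)]

# Simplified routing view on HOST_A: (destination, source the kernel defaults to).
# The LAN_B route leaves via the public side, as described in the post.
ROUTES = [
    (LAN_A, LAN_A_ADDR),
    (LAN_B, PUBLIC_IP_A),
    (ipaddress.ip_network("0.0.0.0/0"), PUBLIC_IP_A),
]

def default_source(dst):
    """Pick the source address of the longest-prefix route covering dst."""
    dst = ipaddress.ip_address(dst)
    candidates = [(net, src) for net, src in ROUTES if dst in net]
    return max(candidates, key=lambda c: c[0].prefixlen)[1]

def matches_policy(src, dst):
    """True when (src, dst) falls inside an outbound traffic selector pair."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    return any(src in local and dst in remote
               for local, remote in OUTBOUND_POLICIES)

def trace(dst, src=None):
    """Return (source used, handling) for a locally generated packet."""
    chosen = ipaddress.ip_address(src) if src else default_source(dst)
    handling = "ipsec" if matches_policy(chosen, dst) else "no-policy-match"
    return str(chosen), handling

if __name__ == "__main__":
    print(trace("192.168.6.1"))                   # plain ping from HOST_A
    print(trace("192.168.6.1", "192.168.1.254"))  # ping -S 192.168.1.254
```
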