Questions tagged [strongswan]
The strongswan tag has no usage guidance.
74
questions
0
votes
0
answers
7
views
How to setup strongswan VPN server on Linux Debian so that it could be used with Windows 10 built-in client?
I see that www.strongswan.org could be somehow used as a VPN server on Linux (Linux Wonderland 4.19.0-25-amd64 #1 SMP Debian 4.19.289-2 (2023-08-08) x86_64) which could be accessed by Windows 10 build-...
0
votes
0
answers
40
views
Strongswan - Communication doesn't work between hosts
I have created a SITE-TO-SITE IPSEC tunnel between my two branches, the tunnel is up and running and I can ping bidirectional both routers, the problem is that I can't do any type of communications (...
0
votes
0
answers
17
views
Cannot ping virtual subnet through strongSwan VPN
I set up strongSwan VPN, but I cannot ping the internal subnet.
The subnets are set up as virtual interfaces.
“A” side:
conn vpn-test
type=tunnel
auto=start
keyexchange=ikev2
authby=secret
left=188....
- 1
0
votes
0
answers
35
views
StrongSwan VPN Interface Issue
I need help understanding interfaces in Linux. I set up a StrongSwan VPN. The client asked for a specific subnet so I created a virtual interface called eth0:1. The LAN interface is eth1.
In the ipsec....
3
votes
1
answer
69
views
What's the "new" way of checking the established connections in strongswan
Previously it was in ipsec statusall.
Now with swanctl I can only see swanctl --list-conns but it only shows the configuration details, not the runtime statistics: eg bytes transferred, negotiated ...
- 829
1
vote
0
answers
65
views
Change IPSec IKEV2 VPN Default Ports 500 & 4500 To Anothers
For some reason OpenVPN is working on my local machine very well, But IPSec IKEV2 VPN not & it only works when OpenVPN is connect.
I have a domain for IPSec IKEV2 VPN & in local machine vpn is ...
- 21
0
votes
0
answers
62
views
Gre over IPsec Throuput performance
I am testing FRR DMVPN using Strongswan IPSec + GRE. Tunnels work great and they are easily established between the branch offices. Tunnels work great and they are easily established between the ...
0
votes
0
answers
15
views
Packets not going through vpn (in net2net-same network) scenario
I have followed the guide for an implementation having the same network on both sides ( https://www.strongswan.org/testing/testresults/ikev2/net2net-same-nets/)
And below are my configuration, I think ...
- 143
0
votes
0
answers
88
views
Using Strongswan IPSEC in Nvidia Jetson Device causes kernel crash - BUG: scheduling while atomic: swapper
I have an Nvidia Jetson Orin Nano with Linux for Tegra kernel 5.12.
I'm trying to use Strongswan which requires some modules to be set, which I did.
However, it seems that it is missing other kernel ...
- 101
1
vote
1
answer
890
views
IPSec tunnel works until rekeying, then gets NO_PROPOSAL_CHOSEN
Context
I have set up a site-to-site IPSec tunnel between a Raspberry Pi located in an office and a pfSense firewall in the cloud. I am using Strongswan for the Raspberry Pi side.
Issue
My tunnel ...
0
votes
0
answers
574
views
Debian 11: setting up L2TP + IPSec - IPSec fails?
I'm trying to configure a new VPN client (L2TP and IPSec) on a very small AWS EC2 system running Debian 11 without a desktop. I've got as far as getting NetworkManager to work, but the VPN connection ...
- 717
1
vote
0
answers
408
views
Site to site VPN with Ubuntu and StrongSwan
I am trying to build a site-to-site IPSec VPN based on Ubuntu 20.04.1 and StrongSwan. My goal is to interconnect the two sites without using NAT on the gateways.
In my lab I have:
I could get IPSec ...
0
votes
0
answers
215
views
change default route for VPN users
I have a linux (currently centos 8 but I can change it to anything) server running as l2tp VPN Server which has two network interfaces as below:
NIC1: 192.168.1.4/24 NIC2: 192.168.3.2/24
Default ...
- 1
0
votes
1
answer
638
views
ipsec pki error (plugin-openssl-failed-to-load-openssl-plugin-create-not found and no plugin file available)
Im trying to establish a vpn connection with a self signed certificate between 2 virtual machines in my M1 mac and it seems that its impossible to create the keys and the certificate due to the titles ...
- 11
0
votes
1
answer
35
views
Why didn't iptables apply the sames rules?
For some reason, my network encountered "Destination unreachable no route" error, this error happened periodicly, later I found that was a bug of my program.
But during that time, I found a ...
- 53