
I have configured a strongSwan IPsec VPN tunnel on my Ubuntu server, trying to connect to company xxx with IPs 40.204.128.170, 40.204.152.238 port 10501 and 40.204.152.232 port 8001. Security Associations (1 up, 0 connecting):

nano /etc/ipsec.conf file

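```
config setup
    charondebug="all"
    uniqueids=yes

# Base connection: IKEv1 main mode with pre-shared key authentication
conn yyy-to-xxx
    authby=secret
    left=10.12.0.8
    leftid=30.71.172.92
    # request a virtual IP from the peer (Mode Config)
    leftsourceip=%config
    leftsubnet=10.12.0.8/32
    right=40.204.128.170
    # the trailing "!" restricts negotiation to exactly this proposal
    ike=aes256-sha1-modp1024!
    esp=aes256-sha1!
    pfs=no
    aggressive=no
    keyingtries=0
    keyexchange=ikev1
    ikelifetime=1h
    lifetime=24h
    dpddelay=30
    dpdtimeout=120
    dpdaction=restart
    type=tunnel
    auto=start

# Child connection: remote host 40.204.152.238, port 10501
conn add_xxx_sub0
    also=yyy-to-xxx
    right=40.204.152.238
    rightsubnet=40.204.152.238/32[%any/10501]
    leftsubnet=10.12.0.8/32
    auto=start

# Child connection: remote host 40.204.152.232, port 8001
conn add_xxx_sub1
    also=yyy-to-xxx
    right=40.204.152.232
    rightsubnet=40.204.152.232/32[%any/8001]
    auto=start
```
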
ipsec status

```
Security Associations (1 up, 0 connecting):
  yyy-to-xxx[51]: ESTABLISHED 14 seconds ago, 10.12.0.8[30.71.172.92]...40.204.128.170[40.204.128.170]
```

ipsec statusall

```
Status of IKE charon daemon (strongSwan 5.6.2, Linux 5.0.0-1034-gcp, x86_64):
  uptime: 17 minutes, since Apr 17 16:40:58 2020
  malloc: sbrk 1622016, mmap 0, used 823744, free 798272
  worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 112
  loaded plugins: charon aesni aes rc2 sha2 sha1 md4 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp agent xcbc hmac gcm attr kernel-netlink resolve socket-default connmark stroke updown eap-mschapv2 xauth-generic counters
Listening IP addresses:
  10.12.0.8
Connections:
  yyy-to-xxxx:  10.12.0.8...40.204.128.170  IKEv1, dpddelay=30s
  yyy-to-xxx:   local:  [30.71.172.92] uses pre-shared key authentication
  yyy-to-xxx:   remote: [40.204.128.170] uses pre-shared key authentication
  yyy-to-xxx:   child:  10.12.0.8/32 === dynamic TUNNEL, dpdaction=restart
  add_xxx_sub0: child:  10.12.0.8/32 === 40.204.152.238/32[10501] TUNNEL, dpdaction=restart
  add_xxx_sub1: child:  10.12.0.8/32 === 40.204.152.232/32[8001] TUNNEL, dpdaction=restart
  add_xxx_sub2: child:  10.12.0.8/32 === dynamic TUNNEL, dpdaction=restart
Security Associations (1 up, 0 connecting):
  yyy-to-xxx[54]: ESTABLISHED 7 seconds ago, 10.128.0.8[30.71.172.92]...40.204.128.170[40.204.128.170]
  yyy-to-xxx[54]: IKEv1 SPIs: e5f0058cab84984d_i* 123b59c38f1bb2fa_r, pre-shared key reauthentication in 46 minutes
  yyy-to-xxx[54]: IKE proposal: AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
  yyy-to-xxx[54]: Tasks queued: QUICK_MODE QUICK_MODE QUICK_MODE QUICK_MODE
  yyy-to-xxx[54]: Tasks active: MODE_CONFIG
```

kenlukas
