Questions tagged [strongswan]

strongSwan is an open source, multi-platform IPsec-based VPN solution, with IKEv2 & IKEv1 support

strongSwan is an open source, multi-platform -based solution, with IKEv2 & IKEv1 support.

More information can be found on strongswan.org.

420 questions
26
votes
1 answer

IPsec for Linux - strongSwan vs Openswan vs Libreswan vs other(?)

Searching for IPSec and Linux one inevitably will be confronted with different solutions (see below) which all seem quite similar. The question is: where is the difference? I found these projects. All of them are open source, all are active (have a…
masgo
  • 423
  • 1
  • 4
  • 11
15
votes
2 answers

Strongswan vpn tunnel connected but the traffic is not routed through it

I have just set up a vpn tunnel site-to-site with strongswan (4.5). The tunnel looks fine and connected to the other side, but seems there is a problem routing traffic through the tunnel. Any idea? Thanks! Network…
telemaco
  • 251
  • 1
  • 2
  • 4
11
votes
2 answers

Strongswan VPN tunnel between two AWS instances won't connect

I am trying to set up a VPN tunnel using StrongSwan 5.1.2 between two Amazon AWS EC2 instances running Ubuntu 14.04.2 LTS. Prior to using StrongSwan, I used open(libre)swan on an Amazon RedHat AMI, which worked fine. For some reason I can't even…
lobi
  • 1,021
  • 2
  • 14
  • 26
9
votes
1 answer

Strongswan: "received NO_PROPOSAL_CHOSEN error notify" while connecting to Cisco ASA

I am trying to connect to Cisco ASA IKEv1 VPN with StrongSwan (5.5.1-4+deb9u1) on Debian Linux with 4.9.0-5-amd64 kernel. This is kind of classical question and I'have found lot of discussions on this topic and tried many config tweaking, but…
patok
  • 693
  • 1
  • 5
  • 14
9
votes
2 answers

How to configure StrongSwan IKEv2 VPN with PSK (pre-shared key)?

I'm looking for a configuration instructions for IKEv2 VPN that uses pre-shared keys instead of certs (those are different methods for tunnel encryption I'd assume?). I've followed this wonderful tutorial to get IKEv2 VPN working (with certificate)…
Dannie P
  • 223
  • 1
  • 2
  • 9
9
votes
2 answers

Strongswan (IKEv2) connection established, but no traffic routing

I've seen this sort of question posted a few times before, but so far, none of them have solved my issue. I'm trying to set up an IKEv2 VPN on my Ubuntu Server to use with my Windows Phone using Strongswan. The connection seems to be set up…
Jinhai
  • 93
  • 1
  • 1
  • 4
9
votes
1 answer

strongSwan setup where both sides are behind NAT

I'm trying to setup a strongSwan server in my home and connect to it from another network. Let's say sun is the VPN server and venus is the client. Both sun and venus are behind NAT networks. sun is not the gateway of my home networks. However,…
reish
  • 374
  • 1
  • 4
  • 12
8
votes
2 answers

Strongswan IKEv2 vpn on Windows 10 client "policy match error"

I have the newest version of Strongswan vpn on my ubuntu server running. I followed this tutorial here and got it to work on my android and Iphone. Now I want to get it to work on my windows 10 laptop but when I try to connect via the vpn settings…
sirzento
  • 183
  • 1
  • 1
  • 5
8
votes
1 answer

Strongswan VPN Established but no Packets Routed

I'm setting up a VPN using strongSwan between a Linux instance on an Amazon EC2 instance and a remote network via its Cisco concentrator. I need to route packets from the Linux instance itself a machine in the remote subnet. The connection is…
titusd
  • 181
  • 1
  • 1
  • 3
8
votes
3 answers

strongSwan IKEv2 + Windows 7 Agile VPN: What is causing Error 13801

I have an AWS instance that I want to be a VPN server. It will connect Windows 7 clients to a private network in the Amazon cloud. I have installed Ubuntu 12.04 and the strongswan-ikev2 package. ipsec version reports Linux strongSwan…
Micah R Ledbetter
  • 503
  • 1
  • 5
  • 17
6
votes
1 answer

How can I make strongSwan clients auto reconnect when server is down?

I would like clients to try reconnecting indefinitely if server is down so when it comes back, the client simply reconnects. Client ipsec.conf conn %default ike=aes256gcm16-sha384-modp3072! esp=aes256gcm16-sha384-modp3072! conn ikev2 …
sunknudsen
  • 581
  • 10
  • 26
6
votes
1 answer

IPSec strongswan "established successfully", but no ppp0

I'm trying to connect an Ubuntu Server 16.04 to an IPSec L2TP VPN using the strongswan client. Aparently the connection is established successfully, but the interface ppp0 isn't created. This is the result of sudo ipsec up myconnection: initiating…
leonardorame
  • 317
  • 3
  • 14
6
votes
1 answer

Exclude a local subnet from StrongSwan VPN

I have a computer with an extra, local-only Ethernet interface, with a private subnet. When a StrongSwan VPN is established, I cannot access that subnet. This is the local 'left' configuration (established by algo): conn ikev2-
user176315
  • 63
  • 1
  • 3
6
votes
0 answers

How to limit bandwidth per VPN connection?

I have a StrongSwan (IKEv2) server setup and would like to limit each VPN connection to 512kb/s. After researching I came across tc in Ubuntu. I don't quite understand it and am fighting through the manual pages. DEV=eth0 tc qdisc del dev $DEV…
Houman
  • 1,325
  • 3
  • 18
  • 30
6
votes
1 answer

Docker container can not access hosts behind VPN

I have a VPN gateway which allows remote access to a network with subnet 171.30.0.0/16. I have a local machine setup with ubuntu 14.04 and strongswan which connects to that VPN server using IKEv2 RSA and while connected, I'm successfully able to…
mohamnag
  • 171
  • 2
  • 8
1
2 3
27 28