strongSwan is an open source, multi-platform IPsec-based VPN solution, with IKEv2 & IKEv1 support
strongSwan is an open source, multi-platform ipsec-based vpn solution, with IKEv2 & IKEv1 support.
More information can be found on strongswan.org.
Questions tagged [strongswan]
420 questions
0
votes
0 answers
Strongswam VPN keep showing 1 ip established instead of all configured Security Associations (1 up, 0 connecting):
I have configured Strongswam Ipsec vpn tunnel in my Ubuntu server trying to connect to company xxx with ip 40.204.128.170, 40.204.152.238 port 10501 and 40.204.152.232 port 8001 Security Associations (1 up, 0 connecting):
nano /etc/ipsec.conf…
user9893661
- 1
- 1
0
votes
1 answer
Connection to server works fine but clients cannot access internet
I am trying to setup a stronSwan server on Debian buster following a guide I wrote for stretch.
The connection to the server works fine but clients cannot access the internet.
What am I missing?
cat /etc/ipsec.conf
config setup
charondebug="ike 1,…
sunknudsen
- 581
- 10
- 26
0
votes
0 answers
IKEv2 Need a small help on Strongswan
I'm trying to create an IKEv2 Strongswan VPN server (U5.7.2/K5.3.0-42-generic) since two days on my personnal VPS (Ubuntu 19.10) to make some tests before implement it on the Unifi equipment of my work (I hope that will be possible)
I've used…
mathpro
- 1
- 1
0
votes
1 answer
Setting up Strongswan site to site VPN on Google Cloud instance
I've installed Strongswan on 2 Google Debian instances in separate projects (actually separate accounts) so there's no route between them on the internal ip's. Ultimately I need to allow VPN connection from outside the Google cloud. I'm pretty much…
Martin Moore
- 105
- 2
0
votes
0 answers
Strongswan Centos 7 Config Issue
I have a problem with configuring Strongswan on Centos 7 ! First please notice that I want to connect with only username and password and I don't want to import any profiles on my phone ! My server ip is 88.99.45.140 or hostname ik.xpdns.xyz and I…
master lfc6
- 27
- 1
- 6
0
votes
0 answers
Is this a server, config, or user issue?
I'm having some trouble with my VPN connection. First off, I'm on a Nokia 3.1 running Android 9 and using strongswan for a IKEv2/EAP connection. I've searched the strongswan site front and back and found nothing related to my issue. I've tried to…
ToxicTech
- 1
- 4
0
votes
0 answers
Clients unable to connect to StrongSwan IKEv2 VPN Server using modems
I have a StrongSwan vpn server running on an ubuntu 18 machine.
Everything is fine as long as clients connect using their mobile data. But when they try to connect from a modem (Either using a cable or wifi) they end up receiving connection…
Bamdad
- 101
- 1
- 3
0
votes
1 answer
strongswan ikev2 connect to the same server
I have a strongswan ikev2 vpn installed on my server.
With my win10 laptop I can connect to the vpn and and connect to everything via vpn.
But how can I connect to my server? I have a service on a blocked port on my server so I am using this vpn.…
BestimmungGefördert
- 111
- 1
- 1
- 5
0
votes
0 answers
How do I send the responder identity correctly in an IKEv2 site-to-site PSK vpn setup with Strongswan?
I'm trying to set up an IKEv2 site-to-site PSK vpn setup with legacy Strongswan
/etc/ipsec.conf
config setup
charondebug="all"
uniqueids=no
strictcrlpolicy=no
conn ikev2-vpn
auto=add
dpdaction=restart
compress=no
…
saranicole
- 101
- 1
- 3
0
votes
1 answer
Strongswan IPSEC Tunnel block traffic one way
I've set up a working Site to Site IPSEC Tunnel with strongswan on a debian 9 machine. However I have a requirement about how the traffic should work : The network on Site A can send packets to Site B Network and receive acks. Site B can only…
Ror
- 111
- 2
- 12
-1
votes
1 answer
What iptables rules do I need for strongSwan clients?
I use the following rules on the server:
sudo iptables -A INPUT -p udp --dport 500 -j ACCEPT
sudo iptables -A INPUT -p udp --dport 4500 -j ACCEPT
sudo iptables -A FORWARD --match policy --pol ipsec --dir in --proto esp -s 10.0.2.0/24 -j…
sunknudsen
- 581
- 10
- 26
-1
votes
1 answer
What is the value of strongswan's leftfirewall=1 and rightfirewall=1
Do these two options do anything bad when they're not supposed to be enabled and they are enabled? is there any example of what exactly they do, or if we need them.
My ipsec gateway is a VPC instance that is behind a NAT (10.0.10.0/24)
I want to…
Evan Carroll
- 2,245
- 10
- 34
- 50
-1
votes
1 answer
What exactly does packing with pkcs -certfile do?
I've been using the openssl pkcs12 command to pack my certs/keys up for Windows 8,
openssl pkcs12 -export \
-in win8client-cert.pem \
-inkey win8client-key.pem \
-certfile ca-cert.pem \
-out win8client.p12 …
Evan Carroll
- 2,245
- 10
- 34
- 50
-1
votes
1 answer
Strongswan & Windows client: connection freezes in a few minutes
On an AWS VPS, I installed Strongswan to use it as a VPN. It works fine with iPhone client. However, when I try to connect from a Windows client, the SA connection gets established successfully and works fine for a few minutes, but after a few…
m. vokhm
- 1
- 5
-4
votes
1 answer
Debian 9 dummy network adapter - works on Local but not Remote?
I'm trying to set up an IPSEC tunnel between my remote external server and a locally situated machine. My remote has a naked public IP4 in a data-centre. My nearby server has a local NAT hidden 192.168.x.y address, however I have forwarded all the…
birdwes
- 88
- 1
- 1
- 12