Questions tagged [strongswan]
69 questions
9
votes
1 answer
Strongswan: several right subnets
I have a Strongswan installation on CentOS7 connecting to a Palo Alto router. I have no access to the config on the remote router. I want to configure two subnets on the other side - one is only a single IP. I have this config in ipsec.conf:
conn…
Peter
8
votes
1 answer
IPsec VPN with strongSwan to FortiGate
I'm trying to connect to a FortiGate and access our continuous integration server via an IPsec VPN tunnel.
I have no control over the FortiGate's configuration.
On my laptop running Windows 10, I successfully used FortiClient to reach the…
Matthias Braun
6
votes
1 answer
NAT outbound IPSEC packets using pf on FreeBSD 11 and StrongSwan x FortiGATE
I've been working for more than a week trying to get outbound packets nat'ed to fit a Security Association.
This is my (example) scenario:
LAN: 1.1.1.0/24
FreeBSD interface: xn0 (Amazon EC2 instance)
Virtual Address to nat traffic from:…
Tiago Sampaio
4
votes
1 answer
Why use strongswan rather than native vpn support
As far as I understand, FreeBSD comes with the native ability to make vpn connections.
Is strongswan a package that comes on top of the freebsd ipsec stack or is it a replacement?
user207225
3
votes
1 answer
IPsec IKEv2 successful but Linux VTI does not work with SNAT
If you think troubleshooting IPsec is tedious, please forget about my logs and just let me know the implementation process, I'm still confused and any information is helpful.
I removed SPIs and here is my IP map:
Our private IP address:
10.1.1.2
Our…
user363597
2
votes
1 answer
IPsec PSK VPN with strongSwan to FortiGate with one-time-password(Fortitoken)
So I am using Strongswan to connect to remote Fortigate since native Fortinet VPN client does not support IPsec. I also have hardware FortiToken 200 that provides an OTP.
My current config is the following:
/etc/ipsec.conf
conn…
fteox
2
votes
2 answers
L2TP over IPSec on Debian 10
My Debian 10 box has a Wifi interface, wlx08beac0a6c1d running a WEP AP for old hardware that doesn't support WPA.
My main network is 192.168.1.0/24 and this interface is configured to be 192.168.2.1.
For starters that interface is restricted to one…
Richard Barraclough
2
votes
0 answers
Strongswan AUTH_FAILED
I am trying to configure VPN server Strongswan and have a problem: the server always sends to the clients the following response:
IKE_AUTH [ N(AUTH_FAILED) ]
I've tried to change log level editing file /usr/local/etc/ipsec.conf to
charondebug="ike…
mblw
2
votes
1 answer
Strongswan several subnet problem with vpn racoon
I should migrate the current racoon daemon to strongswan on some routers.
To do this in operation I have to be able to install strongswan a little at a time, which will have to run a vpn with the racoon daemon.
With racoon I was able to run all the…
manstt
2
votes
0 answers
strongSwan lan to lan / PKI RSA self CA - tunnel (0 up, 1 connecting), just the RSA tunnel without using of the self CA works fine
I am trying to create an x.509 based tunnel by using a self-signed CA certificate.
I am creating the solution at the AWS, and VPN gateways are Debian Stretch machines version Linux ip-10-0-0-208 4.9.0-8-amd64 #1 SMP Debian 4.9.110-3+deb9u3…
klaus
2
votes
0 answers
Fedora 30 - VPN L2TP IPSEC disconnects short after connection successfully
I am having some problems when configuring VPN in my environment.
For Mac and Windows users it works normally but for me it connects and disconnects shortly after.
The Router algorithm:
My IPSEC configuration:
Log of successful connection:
mag 07…
Bruno
2
votes
1 answer
StrongSwan - ipsec pki command
I would like to know why the first time I run the "ipsec pki" command to get a private key this key is generated quickly, but the next time you try to run the same command to get this key because you have deleted the old one it takes about 5-10…
melmansuri
2
votes
3 answers
bind mounts get removed with network namespaces?
Strongswan daemon puts its .pid and .ctl files in /var/run to detect if it is already running.
I want to run multiple of these daemons on the same machine within different network namespaces. I am trying to achieve this by bind mounting different…
Samar
2
votes
1 answer
How to install missing kernel modules? Is it possible?
My machine:
An Ubuntu server 16.04 LTS on a PINE64 with an ARM 64-bit processor (Linux pine64 3.10.105-0-pine64-longsleep #3 SMP PREEMPT Sat Mar 11 16:05:53 CET 2017 aarch64 aarch64 aarch64 GNU/Linux)
My goal is to get my PINE64 worked as a VPN…
Taiki Bessho
2
votes
1 answer
Strongswan forwarding traffic between two IPsec tunnels where one is a host
I'm facing a similar question as described here, but the solution did not work in my scenario.
I have
a VPN server A with a static external IP address AA.AA.AA.AA, an internal IP of 192.168.1.1 and an internal subnet of 192.168.1.0/24
a VPN server…
hanjo