Questions tagged [strongswan]

76 questions
5 votes, 2 answers

How can I route only a particular subnet to the StrongSwan VPN but not my whole traffic on Linux?

I have no particular competences on networking, so I'll do my best to explain my needs. On my Linux laptop I'm running StrongSwan (with NetworkManager) to connect to a particular VPN with IPsec. This VPN lets me reach these kinds of IPs…
Codemix
  • 63
4 votes, 3 answers

Windows client cannot connect to StrongSwan: "EAP-Identity request configured, but not supported"

I've followed this tutorial to set up a StrongSwan VPN server, with the exceptions that I was using Debian 9, and that I used certs I already had from Let's Encrypt instead of standing up a CA. However, I still cannot connect to the VPN server. When…
3 votes, 1 answer

strongSwan - no matching peer config found

I am trying to set up strongSwan to configure an iPhone to it but I am getting an error that I have trouble overcoming. no matching peer config found The complete debug log is as follows: root@vpn-test:/home/ubuntu# ipsec start --nofork…
Bogdan
  • 275
2 votes, 1 answer

How to configure strongSwan to trust a raw RSA key

I need to use raw RSA keys for IKEv2 authentication (for testing purposes), but am not able to configure strongSwan (5.1.2) to "trust" them for remote authentication. ipsec.conf: conn %default left=%defaultroute …
Kimvais
  • 4,908
2 votes, 0 answers

IKEv2 VPN connected but no Internet

There are a lot of questions on SE regarding this and I tried nearly all of them. Unfortunately none solved my problem. I followed the instruction on DigitalOcean, but adapted it a little to fit my OS (openSUSE Leap 42.3). To be clear,…
Ryan
  • 131
2 votes, 0 answers

Strongswan enable ESP packets hardware acceleration

My Linux kernel already supports CESA hardware acceleration, and openssl can use this feature: # openssl speed -evp des3 -elapsed # cat /proc/interrupts | grep cesa 51: 464810 GIC cesa0 52: 464811 GIC cesa1 And I have enabled…
2 votes, 1 answer

Strongswan 5.5.0 RSA sigkeys

I'm setting up an IPSec connection between two Strongswan clients using RSA "sigkeys." The documentation says that leftsigkey and rightsigkey are used to provide the public RSA keys for the two participants but I don't know how to provide the…
1 vote, 1 answer

Routing 192.168.XX.XX address through local 192.168.1.1 instead of VPN

The problem lies on my side. The IP address I'm trying to resolve is 192.168.4.201 which routes through 192.168.1.1 (my local area network) instead of routing through VPN (10.10.X.X). How do I force 192.168.4.201 to always route through VPN 10.10.x.x…
1 vote, 1 answer

Using ubuntu-24.04 gnome network settings and nm-strongswan plugin. How do I successfully bring up an ipsec vpn tunnel?

On my Ubuntu 24.04.2 system, I am trying to bring up an ipsec vpn tunnel network interface via the gdm network settings gui. Gnome network settings Settings gui provided by strongswan plugin Error message on activating I have tried many different…
1 vote, 1 answer

Unable to ping Ubuntu VM once I connect it to my vpn provider

I'm going to try this again. The network diagram shows my setup. I need to redirect traffic from X5 10.0.40.0/24 through the IKEv2 tunnel to the Strongswan server at 10.0.70.10. Then that traffic gets forwarded to the OpenVPN Server tun0…
1 vote, 0 answers

Use strongswan as local VPN server for private subnet

There are 2 subnets PRIVATE and PUBLIC, and there is only one host (PROXY) with 2 network interfaces connected to both subnets. The subnet PRIVATE has no internet access, and the subnet PUBLIC does. Currently the hosts in PRIVATE subnet access…
1 vote, 0 answers

Routing specific subnet through a local peer

I have two (almost identical) Ubuntu machines with the local IP of 10.0.0.10 and 10.0.0.20, let's call them TEN and TWENTY respectively. Both have the default gateway of 10.0.0.1. On TEN I have a site-to-site VPN setup (using StrongSwan) with a…
0s r Fun
  • 11
  • 2
1 vote, 0 answers

StrongSwan 5.9.1 (Debian Bullseye): Traffic from IPsec tunnel gets forwarded via Ethernet, but not via bridge

The following problem: I have a server that is, in addition to other tasks not relevant for the problem at hand, supposed to act as an IPsec gateway. When I'm using the Ethernet interface pointing to the 'Net for handling IPsec traffic and sending…
Robidu
  • 256
1 vote, 0 answers

Configuring proxy Squid under Strongswan private network

I cannot connect to Proxy Server (Squid) from my computer (Windows 10) via VPN (StrongSwan, IKEv2) on my VPS (CentOS 8). I have no idea what I'm doing, so please bear with me! Port in firewall-cmd is opened, firewall restarted. My computer is…
Nickers
  • 11
1 vote, 1 answer

How to configure strongSwan eap-radius with FreeRadius for EAP-MSCHAPv2 authentication?

I am trying to configure a strongSwan IPsec VPN with RADIUS authentication. The actual EAP-MSCHAPv2 authentication to FreeRadius with OpenLDAP for username/passwords is successful, but then I am stuck with the following error message: Jul 15…
apohl
  • 13