[prev in list] [next in list] [prev in thread] [next in thread] 

List:       strongswan-users
Subject:    [strongSwan] Client connected but can not reach the internet
From:       "raceface" <raceface_the_one () gmx ! net>
Date:       2014-10-30 10:47:16
Message-ID: 004e01cff42e$df5423a0$9dfc6ae0$ () net
[Download RAW message or body]

Hi all,

I could get my WP8.1 connect to strongswan but obviously there're some thing
preventing the phone getting into the internet.

This is the log of the connection:

11[IKE] assigning virtual IP 10.2.0.1 to peer 'raceface2nd@domain'
11[IKE] peer requested virtual IP %any6
11[IKE] no virtual IP found for %any6 requested by 'raceface2nd@domain'
11[IKE] CHILD_SA rw-mschapv2{2} established with SPIs c8b21228_i 52304b5c_o
and TS 0.0.0.0/0 === 10.2.0.1/32
11[ENC] generating IKE_AUTH response 5 [ AUTH CPRP(ADDR) SA TSi TSr
N(MOBIKE_SUP) N(NO_ADD_ADDR) ]

I already changed /etc/sysctl.conf by adding
net.ipv4.ip_forward = 1
net.ipv4.conf.default.proxy_arp = 1
net.ipv4.conf.default.arp_accept = 1
net.ipv4.conf.default.proxy_arp_pvlan = 1
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.icmp_ignore_bogus_error_responses = 1

and did iptables --table nat --append POSTROUTING --jump MASQUERADE as well
as iptables -A POSTROUTING -t nat -j SNAT --to-source "public IP of
strongswan".

Any ideas what could went wrong?



_______________________________________________
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
[prev in list] [next in list] [prev in thread] [next in thread]