[prev in list] [next in list] [prev in thread] [next in thread] 

List:       strongswan-users
Subject:    Re: [strongSwan] Roadwarrior VPN same subnet
From:       Felipe Arturo Polanco <felipeapolanco () gmail ! com>
Date:       2019-12-22 16:12:36
Message-ID: CADcj3=7q6-XsTgQ_CpLavoJPt966GwbRizF-3G9Z=QA2QJscgg () mail ! gmail ! com
[Download RAW message or body]

Hi,

Please share with us your Strongswan configuration, $ iptables-save
output and $ ip xfrm policy output

Also, a brief description of which network/host needs to ping which
network/host. eg: 172.16.20.14 needs to ping 10.0.10.50 over the VPN
server at 172.16.20.1


On Sat, Dec 21, 2019 at 12:37 AM Du=C5=A1an Ili=C4=87 <dusan@comhem.se> wro=
te:
>
>
>
> ---- Du=C5=A1an Ili=C4=87 wrote ----
>
> Hi,
>
>
> I have configured a roadwarrior ikev2 strongswan setup with DHCP.
>
> Everything works when I assign the dhcp scope a separate subnet, but when=
 I assign IPs from the same subnet   it doesn't work. The strange thing is =
that the client can still connect and the gateway and other local clients c=
an reach the VPN client with ping, but not the other way around. So the cli=
ent responds to pings, but cannot itself ping or reach anything.
>
>
> I have checked iptables rules, routing tables and nat. Everything looks j=
ust fine. Also farp plugin is enabled.
>
>
> Do anyone recognize this behavior, if not, how should I go about troubles=
hooting this?
[prev in list] [next in list] [prev in thread] [next in thread]