'[strongSwan] Ubuntu strongswan server and tplink vr400 client'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       strongswan-users
Subject:    [strongSwan] Ubuntu strongswan server and tplink vr400 client
From:       lenovomi <lenovomi () gmail ! com>
Date:       2019-12-29 0:34:07
Message-ID: CAAcrkYJiw_g5j57SicWWUCBvnuDT8qE8XeKvzB76rz_=FfqSuQ () mail ! gmail ! com
[Download RAW message or body]

Hello,

I installed ipsec/strongswan server on my ubuntu vm box 10.0.1.156 (which
is behind 2 routers, so 2x nat, last router has public ip) and want to
connect to it from my router (acting as a client, tplink). Client router
has public ip (wan) and lan 192.168.1.0/24.

I am not sure how to setup ipsec.conf left,leftid,leftsubnet and
right,rightid, and right subnet. Left is vm box, right is tplink router.

Is it correct if i set left=%any4, leftid=10.0.1.156, leftsubnet=
10.0.1.156/32, leftfirewall=yes
and right(router) right=%any4, rightid=%any, rightsubnet=192.168.1.0/24

At tplink router i set Tunnel access from local IP addresses: subnet
192.168.1.0/24 and Tunnel access from remote IP addresses: single address
10.0.1.156/32


Basically what I want is that all clients behind tplink router nat ie
192.168.1.x will be able to ping / access vm box 10.0.1.156.

Thank you!

[Attachment #3 (text/html)]

<div dir="auto">Hello,<div dir="auto"><br></div><div dir="auto">I installed \
ipsec/strongswan server on my ubuntu vm box 10.0.1.156 (which is behind 2 routers, so \
2x nat, last router has public ip) and want to connect to it from my router (acting \
as a client, tplink). Client router                has public ip (wan) and lan <a \
href="http://192.168.1.0/24">192.168.1.0/24</a>.  </div><div \
dir="auto"><br></div><div dir="auto">I am not sure how to setup                \
ipsec.conf left,leftid,leftsubnet and right,rightid, and right subnet. Left is vm \
box, right is tplink router.  </div><div dir="auto"><br></div><div dir="auto">Is it \
correct if i set left=%any4, leftid=10.0.1.156, leftsubnet=<a \
href="http://10.0.1.156/32">10.0.1.156/32</a>, leftfirewall=yes</div><div \
dir="auto">and right(router) right=%any4, rightid=%any, rightsubnet=<a \
href="http://192.168.1.0/24">192.168.1.0/24</a></div><div dir="auto"><br></div><div \
dir="auto">At tplink router i set Tunnel access from local IP addresses: subnet <a \
href="http://192.168.1.0/24">192.168.1.0/24</a> and Tunnel access from remote IP \
addresses: single address <a href="http://10.0.1.156/32">10.0.1.156/32</a></div><div \
dir="auto"><br></div><div dir="auto"><br></div><div dir="auto">Basically what I want \
is that all clients behind tplink router nat ie 192.168.1.x will be able to ping / \
access vm box 10.0.1.156.</div><div dir="auto"><br></div><div dir="auto">Thank you!  \
</div></div>



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic