[prev in list] [next in list] [prev in thread] [next in thread]
List: strongswan-users
Subject: [strongSwan] Ubuntu strongswan server and tplink vr400 client
From: lenovomi <lenovomi () gmail ! com>
Date: 2019-12-29 0:34:07
Message-ID: CAAcrkYJiw_g5j57SicWWUCBvnuDT8qE8XeKvzB76rz_=FfqSuQ () mail ! gmail ! com
[Download RAW message or body]
Hello,
I installed ipsec/strongswan server on my ubuntu vm box 10.0.1.156 (which
is behind 2 routers, so 2x nat, last router has public ip) and want to
connect to it from my router (acting as a client, tplink). Client router
has public ip (wan) and lan 192.168.1.0/24.
I am not sure how to setup ipsec.conf left,leftid,leftsubnet and
right,rightid, and right subnet. Left is vm box, right is tplink router.
Is it correct if i set left=%any4, leftid=10.0.1.156, leftsubnet=
10.0.1.156/32, leftfirewall=yes
and right(router) right=%any4, rightid=%any, rightsubnet=192.168.1.0/24
At tplink router i set Tunnel access from local IP addresses: subnet
192.168.1.0/24 and Tunnel access from remote IP addresses: single address
10.0.1.156/32
Basically what I want is that all clients behind tplink router nat ie
192.168.1.x will be able to ping / access vm box 10.0.1.156.
Thank you!
[Attachment #3 (text/html)]
<div dir="auto">Hello,<div dir="auto"><br></div><div dir="auto">I installed \
ipsec/strongswan server on my ubuntu vm box 10.0.1.156 (which is behind 2 routers, so \
2x nat, last router has public ip) and want to connect to it from my router (acting \
as a client, tplink). Client router has public ip (wan) and lan <a \
href="http://192.168.1.0/24">192.168.1.0/24</a>. </div><div \
dir="auto"><br></div><div dir="auto">I am not sure how to setup \
ipsec.conf left,leftid,leftsubnet and right,rightid, and right subnet. Left is vm \
box, right is tplink router. </div><div dir="auto"><br></div><div dir="auto">Is it \
correct if i set left=%any4, leftid=10.0.1.156, leftsubnet=<a \
href="http://10.0.1.156/32">10.0.1.156/32</a>, leftfirewall=yes</div><div \
dir="auto">and right(router) right=%any4, rightid=%any, rightsubnet=<a \
href="http://192.168.1.0/24">192.168.1.0/24</a></div><div dir="auto"><br></div><div \
dir="auto">At tplink router i set Tunnel access from local IP addresses: subnet <a \
href="http://192.168.1.0/24">192.168.1.0/24</a> and Tunnel access from remote IP \
addresses: single address <a href="http://10.0.1.156/32">10.0.1.156/32</a></div><div \
dir="auto"><br></div><div dir="auto"><br></div><div dir="auto">Basically what I want \
is that all clients behind tplink router nat ie 192.168.1.x will be able to ping / \
access vm box 10.0.1.156.</div><div dir="auto"><br></div><div dir="auto">Thank you! \
</div></div>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic