[strongSwan] ha plugin

2016-03-23 Thread Slava Bendersky
Hello Everyone, I am trying to build a test case with the HA plugin and a lan2lan tunnel behind NAT, but I want to confirm whether the patches posted on the plugin wiki are still required to rebuild the kernel and iptables? Slava. ___ Users mailing list Users@lists.strongswan.org

Re: [strongSwan] Remove default policy

2016-03-23 Thread Naveen Neelakanta
Hello, After adding the below policy rule, I see that the icmp packets were getting forwarded to net1 and sent out, however the reply was not getting forwarded back to lan1 interface. ip xfrm policy add src 0.0.0.0/0 dst 0.0.0.0/0 proto icmp dir fwd priority 0 action allow Thanks, Naveen On T

Re: [strongSwan] Remove default policy

2016-03-23 Thread Naveen Neelakanta
Hi Thomas/Users, Thanks for your reply. I am trying to get the forwarded packets to be ipsec protected, where lan1 is forwarding packets to net1 interface, both these interfaces are on the same Linux vm. What rules should I add to get the packets forwarded from one interface to the other? I see p

[strongSwan] High availability configuration

2016-03-23 Thread Sven Puschmann
Hi Aleksey, did you figure out what went wrong? I have some other Problem with StrongSwan, in my Config I have only one-way Sync Node1 > Node2. And I'm sure your Problem is the next one I'm going to run into. Greetings Sven

Re: [strongSwan] DHCP flood

2016-03-23 Thread Tobias Brunner
Hi Dan, > I am configuring my strongSwan instance on Debian Wheezy for a single > road warrior to be able to connect via IKEv2. It works, but whenever > I establish the tunnel from the remote client, the Debian instance > floods the network with DHCP lease requests. What client are you using? Ar

Re: [strongSwan] charon.fragment parameter

2016-03-23 Thread Tobias Brunner
Hi Ruslan, > As it claimed at documentation [1] charon.fragment_size is Maximum > size (complete IP datagram size in bytes) of a sent IKE fragment. > Q1: Does this size include NAT-T payload (I suppose it is 8 bytes, > isn't it?) and the IP header itself (up to 60 bytes)? Yes. > According rfc [2

Re: [strongSwan] Remove default policy

2016-03-23 Thread Thomas Egerer
On March 23, 2016 4:02:48 AM GMT+01:00, Naveen Neelakanta wrote: >Hello, > >Is it possible to configure strongswan not to add the below default >policy rules. >I am running strong swan in TEST namespace on Linux and I don't see >the arp working fro