[strongSwan] fail to set up tunnel with examples

I refer to this example https://www.strongswan.org/testing/testresults/ikev2/shunt-policies-nat-rw/index.html But I found that if I didn't setup rightid in sun's ipsec.conf like this example. The connection will fail. "... Received INTERNAL_ADDRESS_FAILURE notify, no CHILD_SA built Fail to establ

[strongSwan] ipsec+gre with strongswan-lancom

Hi all, I would like to set up an IPsec connection with GRE tunnel to route all traffic from a Lancom router to a Linux server. I successfully installed VPN and GRE between two Lancoms - this works fine. Now I replaced one Lancom with a Linux server and installed strongswan 5.5.1. I got succe

[strongSwan] how to connect two tunnel on the same gateway?

Hi, guys, I have 2 laptop established ikev2 vpn to gateway moon. Laptop1's IP is 10.70.1.108 and Laptop2's IP is virtual IP 10.3.0.1 I can ping both laptop1 and laptop1 to gateway 192.168.58.1 without problem. But how can I have laptop2 to be able to ping Laptop1's IP. It always fail. I guess I

Re: [strongSwan] Fortinet vpn client compatibility with strongswan

Hi Akshar, > client receives response IDci=IP ADRESSS > which was sent in request and IDcr=ID_IPV4_ADDR_SUBNET(0400 > 0afe ff00). > Fortinet clinet was printing "VPNmismatched ID > was returned." Looks like you configured leftsubnet=10.254.0.0/24 on the server but the client exp

Re: [strongSwan] allocating SPI failed: Unknown error (524)?

Sure, I did. Nothing in there. On the other hand, if the error is ENOTSUPP, why should the kernel log anything. On 02/25/2017 12:17 AM, Noel Kuntze wrote: > Could be. Did you look in the kernel log when that error appeared? > On 24.02.2017 20:57, hb wrote: >> When configuring the kernel? One of th