Sujoy
On Thursday 05 April 2018 10:15 PM, Noel Kuntze wrote:
Hello Sujoy,
Do you mean to block all traffic that uses TCP port 80 (0.0.0.0/0[tcp/80]), but
the traffic that is protected in an established tunnel?
Or do you mean to block everything but what is protected?
Kind regards
Noel
=== 192.168.10.1/32
--
Thanks
Sujoy
Hi All,
I am facing a issue while establish tunnel through the nated Public
IP. When I connect to the same Strongswan server from LAN I get
"*CHILD_SA tunnel{2} established with SPIs cb7bd615_i c3fb87d7_o and TS
172.25.12.38/32 == 172.25.1.23/32"*. But from public network "IKE_SA
tunnel is
route installation is
enabled in strongswan.conf/charon.conf (the default).
Kind regards
Noel
On 09.03.2018 14:52, Sujoy wrote:
Thanks Noel, As you replied this is a new thread. Followed the bellow
forwarding and split tunneling link but cannot pass traffic through the
Strongswan tunnel.
https:
Thanks Noel, As you replied this is a new thread. Followed the bellow
forwarding and split tunneling link but cannot pass traffic through the
Strongswan tunnel.
https://wiki.strongswan.org/projects/strongswan/wiki/ForwardingAndSplitTunneling
Strongswan configuration details.
root@mlxvpn:~#
in *nat).
Kind regards
Noel
[1] https://wiki.strongswan.org/projects/strongswan/wiki/HelpRequests
On 07.03.2018 12:50, Sujoy wrote:
Hi Jafar,
I am not getting any output during "*ip route list table 220*" the tunnel is
established. And it is not allowing any type of traffic any
estination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@VPNTEST ~]#
Thanks
On Tuesday 06 March 2018 10:46 AM, Sujoy wrote:
Hi Jafar,
Thanks for the information. The ping is stopped as soon as the
tunnel is established to the right IP of the client. I ca
8 09:58 PM, Jafar Al-Gharaibeh wrote:
Hi Sujoy,
Can you ping the the server's IP address that you want to ssh to ?
Is that the same IP address where the tunnel terminates: the "right"
address on the client side ?
--Jafar
On 3/5/2018 12:31 AM, Sujoy wrote:
Hi Christopher,
Thanks
.
Tried with the following but doesn't works.
https://wiki.strongswan.org/issues/2351
https://serverfault.com/questions/601143/ssh-not-working-over-ipsec-tunnel-strongswan
Thanks
Sujoy
On Monday 05 March 2018 11:46 AM, Christopher Bachner wrote:
Hi Sujoy,
Do you route all traffic through
Hi Jafar,
I have successfully establish connection with tunneling between
OpenWRT client and CentOS as StrongSwan server. Now I am facing one
issue. How to enable ssh and http through IPSec tunnel in StrongSwan.
Thanks
Sujoy
On Friday 23 February 2018 09:05 PM, Jafar Al-Gharaibeh wrote
ruary 2018 11:21 AM, Sujoy wrote:
Thanks Jafar, for the update. But after setting up without subnet and
"type=tunnel or transport" it shows the same error "failed to
establish CHILD_SA, keeping IKE_SA. What should be issue.
Thanks
On Friday 09 February 2018 01:53 AM, Jafar A
Thanks Jafar, for the update. But after setting up without subnet and
"type=tunnel or transport" it shows the same error "failed to establish
CHILD_SA, keeping IKE_SA. What should be issue.
Thanks
On Friday 09 February 2018 01:53 AM, Jafar Al-Gharaibeh wrote:
Sujoy,
Ju
[3]: IKEv2 SPIs: c1a42433ade9fa28_i a52cfea6d767c397_r*,
pre-shared key reauthentication in 24 minutes
tunnel[3]: IKE proposal:
AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
Thanks
On Wednesday 07 February 2018 09:06 PM, Jafar Al-Gharaibeh wrote:
On 2/7/2018 9:22 AM, Sujoy wrote
: 175dcf9cdcf11b38_i* 9cc05896738a5e45_r,
pre-shared key reauthentication in 32 minutes
tunnel[1]: IKE proposal:
AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
Thanks
On Wednesday 07 February 2018 08:31 PM, Jafar Al-Gharaibeh wrote:
Sujoy,
Are you sure about
rightsubnet=192.168.1
] to 192.168.10.1[4500] (76 bytes)
parsed INFORMATIONAL response 4 [ D ]
establishing connection 'tunnel' failed
root@Device_BD2009:~#
Thanks & Regards
Sujoy
On Tuesday 16 January 2018 11:23 PM, Noel Kuntze wrote:
Hi,
Check the logs of the remote side.
It means the remote peer did not like the prop
keyingtries=0
ikelifetime=1h
lifetime=8h
dpddelay=30
dpdtimeout=1h
dpdaction=restart
authby=psk
auto=start
Thanks Sujoy
On Thursday 04 January 2018 03:38 AM, Noel Kuntze wrote:
Hi,
Only on the responder.
If you use dpd and enforce UD
suggest any solution for this.
--
Thanks & Reards
Sujoy
17 matches
Mail list logo