Hi.
I've got a strange problem, and I hope you could help:
I am currently using StrongSwan to protect my mobile devices when using Free
Wifi Access Points.
On Android, using the StrongSwan App, I can connect to the VPN, and all Traffic
is routed through the VPN (if I disable the forwarding in the server's
iptables, the mobile device cannot access the internet any more).
But If I want to use the VPN with a Windows 10 client (Tablet, Desktop PC)
using IKEv2, the connection is set up, I can connect to the virtual IP 10.1.1.1
for the server or 10.1.1.x for the windows device from both sides.
But in Windows, the connection status states "IP 10.1.1.21, Netmask
255.255.255.255, No Gateway", so that any traffic to the internet is send
unencryptedly via the normal internet connection.
What do I have to do to let windows route everything through the VPN?
My configuration is a follows:
/etc/ipsec.conf
config setup
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
keyexchange=ikev2
conn nat-t
left=<ip-addresse of Server>
leftcert=server_cert.pem
leftid="<certificate>"
leftfirewall=yes
leftsubnet=0.0.0.0/0
right=%any
rightsubnet=10.1.1.0/24
rightsourceip=10.1.1.20/24
auto=add
I have created certificates for all devices, so that I do not have any PSKs.
The server runs on Ubuntu 14.04, StrongSwan U5.1.2/K3.13.0-91-generic.
Best regards,
Dirk
_______________________________________________
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
