Re: [strongSwan] Running on AWS behind Elastic IP

Holy crap I got it to work! What was the problem? Old crappy router at the far end. All I had to do was force ikeV1 with a keyexchange = ikev1 and my existing config worked like a charm. Thanks everyone! - Matt > On Nov 17, 2016, at 12:50 AM, Mathew Marulla wrote: > >

Re: [strongSwan] Running on AWS behind Elastic IP

Protocol 50 is open for ESP. Not using AH. Kinda moot since I have yet to get beyond IKE. Thanks! - Matt > On Nov 17, 2016, at 12:32 AM, Krishnanarayanan VR > wrote: > > Ports 500 and 4500 are open to the remote routers in the EC2 security group. > > AH & ESP open

Re: [strongSwan] Running on AWS behind Elastic IP

> > Ports 500 and 4500 are open to the remote routers in the EC2 security > group. > AH & ESP open too ? ___ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] triggering MOBIKE in strongswan

Hi Ravi, yes, your understanding is correct. Our MOBIKE example scenario https://www.strongswan.org/testing/testresults/ikev2/mobike/index.html shows the interface change: 13[IKE] peer supports MOBIKE 07[KNL] 192.168.0.50 disappeared from eth1 15[KNL] interface eth1 deactivated 16[KNL] fec0::5

Re: [strongSwan] Running on AWS behind Elastic IP

On 16 Nov 2016, at 19:42, Mathew Marulla wrote: > Confused now... Is your VPN entirely within AWS? Yes. > If not, how are you connecting over the public internet with a private IP? I don’t. I connect to the EIP. But StrongSWAN don’t need to know that.

Re: [strongSwan] Running on AWS behind Elastic IP

Confused now... Is your VPN entirely within AWS? If not, how are you connecting over the public internet with a private IP? I'm going to do a quick network diagram this evening so I can communicate better what I am trying to do. Cheers, - Matt > On Nov 16, 2016, at 1:16 PM, Turbo

Re: [strongSwan] Running on AWS behind Elastic IP

On 16 Nov 2016, at 17:56, Mathew Marulla wrote: > If I am reading your reply correctly, it seems you are getting this to work > by not using an elastic IP, but just the public IP of your instance. Then > using a script to update it as needed. Maybe that’s the only way… > > I

Re: [strongSwan] Running on AWS behind Elastic IP

I know the leftid parameter relates to certificates, which I am not using, but does it also relate to sending the right identity to the remote router? I assumed so based on this passage in the docs: how the left|right participant should be identified for authentication; But after re-reading,

Re: [strongSwan] Running on AWS behind Elastic IP

On 16 Nov 2016, at 05:27, Mathew Marulla wrote: > Although I have read just about every tutorial and similar posting I can find > about running StrongSwan on an EC2 instance, I still can not seem to get it > to work. I’m doing the same thing, but I started “from scratch”

Re: [strongSwan] strongswan on android phone does nothing (select profile, does nothing)

Hi Don, > I'm not sure what else to try, can anyone suggest? If you are using Google's Project Fi, please have a look at [1]. Regards, Tobias [1] https://wiki.strongswan.org/projects/strongswan/wiki/AndroidVPNClient#Known-LimitationsIssues ___ Users