[strongSwan] Trouble with strongswan and dhcp server on same host

2018-07-23 Thread Nathan Hüsken
Hi, I have installed strongswan and dnsmasq (which also is used as a dhcp server) on the same host. I want to give remote computers IPs through dnsmasq, so I set:

righsourceip=%dhcp

Now strongswan seemed to have problems reaching the dhcp server. So I set interface=eth1 in

[strongSwan] Strongswan 5.6.3 rekey every 30 seconds

2018-07-23 Thread Doug Tucker
Have an issue I've never seen before. Connecting to a remote Cisco router. Have verified settings on the Cisco, our rekey options look the same. We get an established connection, then 30 seconds later a rekey happens and it installs under the new one. This goes on forever. Here are the

Re: [strongSwan] Redirect 0.0.0.0/0 into tunnel for local side

2018-07-23 Thread Tobias Brunner
Hi Kevin,

> I set "rightsubnet=0.0.0.0/0" which was working
> perfectly fine but after today's update, strongswan edits the default
> route of the main kernel table to ipsec0 which effectively cuts off all
> management access.

strongSwan should install its routes in table 220, by default, not the

[strongSwan] left|rightikeport obsolete?

2018-07-23 Thread Harald Dunkel
Hi folks, the documentation says for left|rightikeport "If unspecified, port 500 is used with the port floating to 4500 if a NAT is detected ..." This sounds pretty vague. I would like to tell strongswan to use 443/udp for NAT traversal and dead peer detection, and to use port 500/udp for

Re: [strongSwan] left|rightikeport obsolete?

2018-07-23 Thread Tobias Brunner
Hi Harald,

> This sounds pretty vague. I would like to tell strongswan to use 443/udp
> for NAT traversal and dead peer detection, and to use port 500/udp for
> isakmp as usual. AFAICT this can be done with charon.port and charon.\
> port_nat_t, so I wonder what is left|rightikeport good for?

[strongSwan] Required Kernel Modules?

2018-07-23 Thread Alexander v. Below
Hello, I am trying to get StrongSwan running without success, and trying to track down issues and reading the documentation, I find things like: "Please make sure that the following Linux 2.6 IPsec kernel modules are available: • af_key • ah4 • esp4 •