Re: [strongSwan] Accessing VPN client from private network
Hi Marco, > FARP is configured on both client and gateway, and I can reach > all the internal network from the vpn client (ubuntu linux). > ... > Still pinging the vpn client from the internal network does not work. You mean you are able to e.g. ping hosts in the remote network from the client (i.e. you get a response from an IP other than 192.168.1.10, which belongs to the server)? But if you try to ping the client's IP (192.168.1.20) from a host in that network you don't get a reply? Try debugging this with tcpdump/Wireshark on the hosts in that network, check if the ARP packets are correctly sent/received and where the ICMPs requests go etc. Also check your firewall/NAT rules. Regards, Tobias
Re: [strongSwan] Accessing VPN client from private network
Hi Marco, > VPN Client -> Gateway -> internal network with some servers > The VPN gets an IP from DHCP Server (i.e 192.168.1.100) > Gateway has IP 192.168.1.10, can ping the VPN client 192.168.1.100 > Pinging the VPN client from a server in the network (e.g. 192.168.1.20) does > not work. > > What am I missing? See [1]. Regards, Tobias [1] https://wiki.strongswan.org/projects/strongswan/wiki/ForwardingAndSplitTunneling#Hosts-on-the-LAN
[strongSwan] Accessing VPN client from private network
Hi, sorry if my question has already been posted, but could not find an answer: Is it possible to access to a VPN client from the private network? I’ll make an example (I have strongswan in place for the VPN): VPN Client -> Gateway -> internal network with some servers The VPN gets an IP from DHCP Server (i.e 192.168.1.100) Gateway has IP 192.168.1.10, can ping the VPN client 192.168.1.100 Pinging the VPN client from a server in the network (e.g. 192.168.1.20) does not work. What am I missing? BR Marco
