Hi,
I am using strongSwan to connect to a supplier's VPN, but am having
trouble understanding the IP network ranges required.
The server I'm connecting from is a Debian server with strongswan 5.5.1.
It has one public IP in a /29 so has one interface (bond0 using
eth0/eth1). There are iptable
Status output and debug below (anonymised, but consistent)
Status of IKE charon daemon (strongSwan 5.5.1, Linux 4.9.0-11-amd64,
x86_64):
uptime: 4 seconds, since Mar 25 14:45:06 2020
malloc: sbrk 1892352, mmap 0, used 417440, free 1474912
worker threads: 11 of 16 idle, 5/0/0/0 working,
On 25/03/2020 14:50, Noel Kuntze wrote:
server-to-aws: 10.100.15.1...y.y.y.y IKEv1, dpddelay=15s
I ended up adding an interface for 10.100.15.1 as that what appears to be
required.
The conn is configured for x.x.x.x, not 10.100.15.1. strongSwan doesn't need
such an address.
Set left=x.x.x.