As in this?
# sudo iptables -A FORWARD --match policy --pol ipsec --dir in --proto esp
-s 10.4.34.70/32 -j ACCEPT
# sudo iptables -A FORWARD --match policy --pol ipsec --dir out --proto
esp -d 10.4.34.70/32 -j ACCEPT
On 13 March 2018 at 23:22, Noel Kuntze <
noel.kuntze+strongswan-users-ml@ther
You need to accepts ESP packets in *filter INPUT (-p esp).
On 12.03.2018 06:01, Brenden wrote:
> I'm guessing my NAT rules may be messed up, any ideas what might be wrong?
>
>
> # iptables-save
> # Generated by iptables-save v1.6.0 on Mon Mar 12 14:22:04 2018
> *nat
> :PREROUTING ACCEPT [14:1916
I'm guessing my NAT rules may be messed up, any ideas what might be wrong?
# iptables-save
# Generated by iptables-save v1.6.0 on Mon Mar 12 14:22:04 2018
*nat
:PREROUTING ACCEPT [14:1916]
:INPUT ACCEPT [14:1916]
:OUTPUT ACCEPT [37:2220]
:POSTROUTING ACCEPT [18:1080]
-A POSTROUTING -m policy --di
Hi,
Your iptables rules in the *nat table probably cause your issue.
Take a look at the article about forwarding and split tunneling[1]. And stop
using `iptables -L`, it doesn't show you everything. Always use `iptables-save`
or `iptables-save -c` instead.
Kind regards
Noel
[1]
https://wiki
Hi All,
I'm attempting to run StrongSwan on Ubuntu 16.04.3 LTS.
IPs chanaged for privacy:
My server IP 110.0.0.110
My subnet is 110.0.0.0/25
Internal IP: 192.168.50.214
Remote Peers: 1.2.3.111 (pri) / 1.2.3.112 (sec)
The primary connection is currently not configured (its still running on
our h