On Thu, Jan 10, 2019 at 12:27 PM <[email protected]> wrote:
> Send Swan mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.libreswan.org/mailman/listinfo/swan > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Swan digest..." > > > Today's Topics: > > 1. Re: Dropping AUTH message containing INITIAL_CONTACT on OSX > and Win10 (Derek Cameron) > 2. Help!! (Antonios Katsouros) > 3. Re: Help!! (Nick Howitt) > 4. Re: Help!! (Bruno de Paula Larini) > 5. Re: Dropping AUTH message containing INITIAL_CONTACT on OSX > and Win10 (Paul Wouters) > 6. Re: Help!! (Antonios Katsouros) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Wed, 9 Jan 2019 07:47:43 -0800 > From: Derek Cameron <[email protected]> > To: Paul Wouters <[email protected]> > Cc: [email protected] > Subject: Re: [Swan] Dropping AUTH message containing INITIAL_CONTACT > on OSX and Win10 > Message-ID: > <CAEW6Rjf5GfK2t= > [email protected]> > Content-Type: text/plain; charset="UTF-8" > > Thanks for your help. You're welcome to copy and paste anything you > like from my blog post > > https://dc77312.wordpress.com/2019/01/09/libreswan-ipsec-ikev2-vpn-on-rhel-8-beta-server-and-windows-10-client/ > > On Tue, Jan 8, 2019 at 8:08 AM Paul Wouters <[email protected]> wrote: > > > > Right. that changes the setting from EAP-TLS to Machine Certificate. I > > will add this to the FAQ section. Thanks! > > > > Under properties and TCP I believe there is an option for "send all > > traffic via VPN" > > > ------------------------------ > > Message: 2 > Date: Wed, 9 Jan 2019 19:56:27 +0300 > From: Antonios Katsouros <[email protected]> > To: [email protected] > Subject: [Swan] Help!! > Message-ID: > <CAPOZpEowY+8uzxpFL-=bujNqDhnM86E_4FNVX=kN1O0S= > [email protected]> > Content-Type: text/plain; charset="utf-8" > > Dear all!! > > newbie in list with a serious problem... > > I installed Libreswan through a vpn script ( this one : > https://github.com/hwdsl2/s... !.. Please I need your help... When the vpn > is establised, I need to add a route on the server (manually currently) in > order to access the network inside. > > My connection seems not that stable so every time the vpn falls and > reconnects, the route is lost from the server. So I have to go again to > server and add the route ( route add -net 192.168.61.0/24 gw 10.50.20.2 ). > Is there a way I can do this automatically??? So when the VPN is down and > reconnects, after reconnection, the server runs automatically this route on > its self ( route add -net 192.168.61.0/24 gw 10.50.20.2 ) . > > 10.50.20.1 is the server, 10.50.20.2 is the other side (client) which also > is on the rest network behind. > > Please can somebody help??? > > Hundreds of thanks in advance > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > https://lists.libreswan.org/pipermail/swan/attachments/20190109/45d4e009/attachment-0001.html > > > > ------------------------------ > > Message: 3 > Date: Wed, 9 Jan 2019 17:00:34 +0000 > From: Nick Howitt <[email protected]> > To: [email protected] > Subject: Re: [Swan] Help!! > Message-ID: <[email protected]> > Content-Type: text/plain; charset="us-ascii" > > An HTML attachment was scrubbed... > URL: < > https://lists.libreswan.org/pipermail/swan/attachments/20190109/6e8627bf/attachment-0001.html > > > > ------------------------------ > > Message: 4 > Date: Wed, 9 Jan 2019 15:14:54 -0200 > From: Bruno de Paula Larini <[email protected]> > To: [email protected] > Subject: Re: [Swan] Help!! > Message-ID: <[email protected]> > Content-Type: text/plain; charset="utf-8"; Format="flowed" > > Em 09/01/2019 14:56, Antonios Katsouros escreveu: > > My connection seems not that stable so every time the vpn falls and > > reconnects, the route is lost from the server. So I have to go again > > to server and add the route ( route add -net 192.168.61.0/24 > > <http://192.168.61.0/24> gw 10.50.20.2 ). Is there a way I can do this > > automatically??? So when the VPN is down and reconnects, after > > reconnection, the server runs automatically this route on its self ( > > route add -net 192.168.61.0/24 <http://192.168.61.0/24> gw 10.50.20.2 ) > . > > > > 10.50.20.1 is the server, 10.50.20.2 is the other side (client) which > > also is on the rest network behind. > > > I had a similar issue some months ago. You can add the "leftsourceip" > parameter to the config so the server will know the way to the other > side of the tunnel. Example: leftsourceip=10.50.20.1 > Then you can stop adding the route manually. > > -Bruno > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > https://lists.libreswan.org/pipermail/swan/attachments/20190109/895ee884/attachment-0001.html > > > > ------------------------------ > > Message: 5 > Date: Wed, 9 Jan 2019 13:07:09 -0500 (EST) > From: Paul Wouters <[email protected]> > To: Derek Cameron <[email protected]> > Cc: [email protected] > Subject: Re: [Swan] Dropping AUTH message containing INITIAL_CONTACT > on OSX and Win10 > Message-ID: <[email protected]> > Content-Type: text/plain; charset=US-ASCII; format=flowed > > On Wed, 9 Jan 2019, Derek Cameron wrote: > > > > > Thanks for your help. You're welcome to copy and paste anything you > > like from my blog post > > > https://dc77312.wordpress.com/2019/01/09/libreswan-ipsec-ikev2-vpn-on-rhel-8-beta-server-and-windows-10-client/ > > Thanks, I'll see about merging it onto the libreswan wiki. Thanks for > the permission! > > Some notes: > > - Please use "libreswan" or "Libreswan", not "LibreSwan" :) > - Does it survive rekeying? You might want/need to add > msdh-downgrade=yes to allow rekeying without or with wrong/bad > DH group 1024 (perhaps the latest Windows build fixed this?) > - I think you can fixup the authentication without using powershell, > but I would have to reclick through a windows box again to remember > how I did that. > > Paul > > > ------------------------------ > > Message: 6 > Date: Thu, 10 Jan 2019 12:27:13 +0300 > From: Antonios Katsouros <[email protected]> > To: [email protected] > Subject: Re: [Swan] Help!! > Message-ID: > < > capozpephase9kwa7n2mcugook77jpmzgskx9nuz+dmylsgq...@mail.gmail.com> > Content-Type: text/plain; charset="utf-8" > > Dear All, > > can please somebody help???? Please... your help is higlhy appreciated. > > many thanks > > On Wed, Jan 9, 2019 at 7:56 PM Antonios Katsouros < > [email protected]> > wrote: > > > Dear all!! > > > > newbie in list with a serious problem... > > > > I installed Libreswan through a vpn script ( this one : > > https://github.com/hwdsl2/s... !.. Please I need your help... When the > > vpn is establised, I need to add a route on the server (manually > currently) > > in order to access the network inside. > > > > My connection seems not that stable so every time the vpn falls and > > reconnects, the route is lost from the server. So I have to go again to > > server and add the route ( route add -net 192.168.61.0/24 gw 10.50.20.2 > > ). Is there a way I can do this automatically??? So when the VPN is down > > and reconnects, after reconnection, the server runs automatically this > > route on its self ( route add -net 192.168.61.0/24 gw 10.50.20.2 ) . > > > > 10.50.20.1 is the server, 10.50.20.2 is the other side (client) which > also > > is on the rest network behind. > > > > Please can somebody help??? > > > > Hundreds of thanks in advance > > > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > https://lists.libreswan.org/pipermail/swan/attachments/20190110/9c04eb8d/attachment.html > > > > ------------------------------ > > Subject: Digest Footer > > _______________________________________________ > Swan mailing list > [email protected] > https://lists.libreswan.org/mailman/listinfo/swan > > > ------------------------------ > > End of Swan Digest, Vol 73, Issue 3 > *********************************** >
_______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
