> > > > > > If I do a ping from the ipsec client to the host, it stalls. > > > > When I execute in the libreswan container this command > > > > arping -c 10 -i eth1 -S 192.168.x.3 192.168.11.15 > > > > The ipsec client can ping the host but after 7 seconds, the ping stalls > again.
the arping is only sending 10, then quits and 7 seconds after that the ping stalls. > > > > Anyone had something like this? > > I'm a but confused between your use of "ping" and "arping". > > If with libreswan stopped, no this is during a logged in session. > your arpping is stalling, this would not be a > libreswan issue. not the ping is stalling, when I stop the simultanously running arping. > If with libreswan up, arpping is causing stalls, that > would indicate some issue related to the system with libreswan. > I just have problems getting this config running https://libreswan.org/wiki/VPN_server_for_remote_clients_using_IKEv2_split_VPN with such a config leftsubnet=192.168.21.0/24 rightaddresspool=192.168.21.200-192.168.21.210 The problem is that somehow when the arpping is stopped, remote hosts are 'forgetting' about the location of the ipsec clients. That is the problem to be solved. I have to little network tcp/ip knowledge what/why/when a remote host will forget about this ip. I think the above configuration only works if one pings ip addresses that are on the host, I don't think hosts on the network can be reached. _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
