Hi, > [...], the traffic is not forwarded. The VPN-Gateway has a internal IP > 192.168.16.45 and an external IP like XXX.XXX.94.199. So when the > client comes from the network 192.168.170.x, and not from 192.168.16.x > nothing happends.
As you don't seem to assign a virtual IP to the client, how should routing between your clients network and the internal network work? Do your internal clients know the route to the address the client uses? Usually you use virtual IPs (using rightsourceip) for such setups, where you can configure a route for the internal hosts to the VPN client. If this all should work transparently, you can use the farp plugin [1] that can do ARP faking for your VPN clients, optionally combined with the dhcp plugin [2]. These plugins are for charon, though, hence you'll need a 5.x version of strongSwan to handle IKEv1 clients with them. Regards Martin [1]http://wiki.strongswan.org/projects/strongswan/wiki/FARPPlugin [2]http://wiki.strongswan.org/projects/strongswan/wiki/DHCPPlugin _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
