Sorry, there's apparently a mistake in my network setup. Please ignore the original question.
On 01/03/2014 05:43 PM, Chris wrote: > Dear All, > > sorry, I have to ask again. > > I'd like to setup a VPN-server for Windows 8 road warriors with > Authentication using EAP-MSCHAP v2, like it's described in [1]. > > Do I have to install an L2TP-Server like xl2tpd? I've setup StrongSwan > and the VPN connection is established. I can ping the client, but can't > ping the server or any internet host. What's the error? > > When I ping the server, the ping seems not to go through the tunnel: > 17:40:06.216364 IP 192.168.122.164 > 192.168.122.217: ICMP echo request, > id 1, seq 32, length 40 > > The client has no default gateway. Is this correct? > > PPP-Adapter strongswan: > > Verbindungsspezifisches DNS-Suffix: > Beschreibung. . . . . . . . . . . : strongswan > Physische Adresse . . . . . . . . : > DHCP aktiviert. . . . . . . . . . : Nein > Autokonfiguration aktiviert . . . : Ja > IPv4-Adresse . . . . . . . . . . : 10.1.0.1(Bevorzugt) > Subnetzmaske . . . . . . . . . . : 255.255.255.255 > Standardgateway . . . . . . . . . : 0.0.0.0 > DNS-Server . . . . . . . . . . . : 8.8.4.4 > 8.8.8.8 > NetBIOS über TCP/IP . . . . . . . : Deaktiviert > > C:\Users\chris>route print > > =========================================================================== > Schnittstellenliste > 25...........................strongswan > 3...52 54 00 4e 8d 72 ......Realtek > RTL8139C+-Fast-Ethernet-Netzwerkkarte > 1...........................Software Loopback Interface 1 > 4...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter > 5...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface > 15...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #2 > > =========================================================================== > > IPv4-Routentabelle > > =========================================================================== > Aktive Routen: > Netzwerkziel Netzwerkmaske Gateway Schnittstelle > Metrik > 0.0.0.0 0.0.0.0 192.168.122.1 192.168.122.164 > 4245 > 0.0.0.0 0.0.0.0 Auf Verbindung 10.1.0.1 21 > 10.1.0.1 255.255.255.255 Auf Verbindung 10.1.0.1 276 > 127.0.0.0 255.0.0.0 Auf Verbindung 127.0.0.1 4531 > 127.0.0.1 255.255.255.255 Auf Verbindung 127.0.0.1 4531 > 127.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 4531 > 192.168.122.0 255.255.255.0 Auf Verbindung 192.168.122.164 > 4501 > 192.168.122.164 255.255.255.255 Auf Verbindung 192.168.122.164 > 4501 > 192.168.122.217 255.255.255.255 Auf Verbindung 192.168.122.164 > 4246 > 192.168.122.255 255.255.255.255 Auf Verbindung 192.168.122.164 > 4501 > 224.0.0.0 240.0.0.0 Auf Verbindung 127.0.0.1 4531 > 224.0.0.0 240.0.0.0 Auf Verbindung 192.168.122.164 > 4501 > 224.0.0.0 240.0.0.0 Auf Verbindung 10.1.0.1 21 > 255.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 4531 > 255.255.255.255 255.255.255.255 Auf Verbindung 192.168.122.164 > 4501 > 255.255.255.255 255.255.255.255 Auf Verbindung 10.1.0.1 276 > > =========================================================================== > Ständige Routen: > Keine > > This is xfrm policy and state: > > src 10.1.0.1/32 dst 192.168.122.0/24 > dir fwd priority 1827 ptype main > tmpl src 192.168.122.164 dst 192.168.122.217 > proto esp reqid 7 mode tunnel > src 10.1.0.1/32 dst 192.168.122.0/24 > dir in priority 1827 ptype main > tmpl src 192.168.122.164 dst 192.168.122.217 > proto esp reqid 7 mode tunnel > src 192.168.122.0/24 dst 10.1.0.1/32 > dir out priority 1827 ptype main > tmpl src 192.168.122.217 dst 192.168.122.164 > proto esp reqid 7 mode tunnel > src 0.0.0.0/0 dst 0.0.0.0/0 > dir 3 priority 0 ptype main > src 0.0.0.0/0 dst 0.0.0.0/0 > dir 4 priority 0 ptype main > src 0.0.0.0/0 dst 0.0.0.0/0 > dir 3 priority 0 ptype main > src 0.0.0.0/0 dst 0.0.0.0/0 > dir 4 priority 0 ptype main > src ::/0 dst ::/0 > dir 3 priority 0 ptype main > src ::/0 dst ::/0 > dir 4 priority 0 ptype main > src ::/0 dst ::/0 > dir 3 priority 0 ptype main > src ::/0 dst ::/0 > dir 4 priority 0 ptype main > > > > src 192.168.122.217 dst 192.168.122.164 > proto esp spi 0x69417baa(1765899178) reqid 7(0x00000007) mode > tunnel > replay-window 32 seq 0x00000000 flag 20 (0x00100000) > auth hmac(sha1) 0xa255e860ff8a25d2e5f7f9baf31c01f865fbacb9 (160 > bits) > enc cbc(aes) 0x7c16ff294cce1a2f1ecacb89f8e9b2a9 (128 bits) > lifetime config: > limit: soft (INF)(bytes), hard (INF)(bytes) > limit: soft (INF)(packets), hard (INF)(packets) > expire add: soft 847(sec), hard 1200(sec) > expire use: soft 0(sec), hard 0(sec) > lifetime current: > 0(bytes), 0(packets) > add 2014-01-03 17:01:45 use - > stats: > replay-window 0 replay 0 failed 0 > src 192.168.122.164 dst 192.168.122.217 > proto esp spi 0xc03d142c(3225228332) reqid 7(0x00000007) mode > tunnel > replay-window 32 seq 0x00000000 flag 20 (0x00100000) > auth hmac(sha1) 0xa6811c1af264ad253d961cb55b04c0913676200c (160 > bits) > enc cbc(aes) 0xdabc758a3757e7f04c6f6f3b223015a2 (128 bits) > lifetime config: > limit: soft (INF)(bytes), hard (INF)(bytes) > limit: soft (INF)(packets), hard (INF)(packets) > expire add: soft 964(sec), hard 1200(sec) > expire use: soft 0(sec), hard 0(sec) > lifetime current: > 0(bytes), 0(packets) > add 2014-01-03 17:01:45 use - > stats: > replay-window 0 replay 0 failed 0 > > Thank you in advance! > > - Chris > > > [1] http://wiki.strongswan.org/projects/strongswan/wiki/Windows7 > > _______________________________________________ > Users mailing list > [email protected] > https://lists.strongswan.org/mailman/listinfo/users > _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
