Hi Joe,

Since your Linux is an EC2 VM you need to enable NAT traversal (UDP/4500) on both sides. An alternative would be to use a VPC VM where no NAT traversal is needed as ESP can flow freely (assuming you authorized in the security group).

HTH,
Simon

On 14-01-21 04:13 AM, Spazzatura Elettronica wrote:
> Hello,
>
> I am trying to set up a VPN from Linux to a Cisco Concentrator.
> The intention is to route packets originating on the Linux machine
> itself to various hosts on the remote network.
> As a basis for the configuration, I have used the examples here
> http://www.strongswan.org/uml/testresults/ikev1/rw-psk-ipv4/
> My configuration is attached.
>
> The VPN is established but I am unable to route packets through it.
>
> Do I need to use iptables to handle routing?
>
> Machine:
>
> * Operating system: Linux 3.5.0-41 (Ubuntu 12.10)
> * strongSwan version: 5.1.1
> * Host type: Amazon EC2
> * No local firewall rules.
> * Destination VPN: CiscoVPN Conc. 3030 Ver. 4.7.2.G
>
> Network:
>
> * Local eth0: 172.x.x.x
> * Local virtual IP: 10.254.5.174
> * Remote public IP: 62.x.x.x
> * Remote subnet: 10.192.0.0/12
>
> VPN:
>
> * Protocol: IKEv1
> * Authentication: with PSK
>
> Any help would be greatly appreciated.
>
> Regards,
> Joe Yates
>
> _______________________________________________
> Users mailing list
> [email protected]
> https://lists.strongswan.org/mailman/listinfo/users
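An added example, not part of the original thread: one way to check on the Linux side whether established SAs use NAT traversal (ESP wrapped in UDP/4500) or leave the host as raw ESP (IP protocol 50), by parsing `ip xfrm state` output. It assumes the usual iproute2 output layout; the sample SAs, addresses and keys are constructed placeholders.

```shell
#!/bin/sh
# Classify IPsec SAs from `ip xfrm state` as UDP-encapsulated (NAT-T) or raw ESP.

# Constructed sample (documentation addresses, dummy keys), not taken from the thread.
sample_xfrm_state() {
cat <<'EOF'
src 172.16.0.10 dst 192.0.2.1
    proto esp spi 0xc0ffee01 reqid 1 mode tunnel
    replay-window 32 flag af-unspec
    auth-trunc hmac(sha1) 0x00 96
    enc cbc(aes) 0x00
    encap type espinudp sport 4500 dport 4500 addr 0.0.0.0
src 172.16.0.10 dst 198.51.100.7
    proto esp spi 0xc0ffee02 reqid 2 mode tunnel
    replay-window 32 flag af-unspec
    auth-trunc hmac(sha1) 0x00 96
    enc cbc(aes) 0x00
EOF
}

# Reads xfrm state text on stdin; prints "<src> <dst> <spi> <transport>" per ESP SA.
classify_sas() {
    awk '
        function emit() {
            if (spi != "")
                print src, dst, spi, (encap ? "udp-encap:" dport : "raw-esp")
        }
        # A "src A dst B" line starts a new SA record.
        $1 == "src" && $3 == "dst" { emit(); src = $2; dst = $4; spi = ""; encap = 0; dport = "" }
        $1 == "proto" && $2 == "esp" { spi = $4 }
        # An "encap type espinudp" line means ESP is carried inside UDP (NAT-T).
        $1 == "encap" && $3 == "espinudp" {
            encap = 1
            for (i = 4; i < NF; i++) if ($i == "dport") dport = $(i + 1)
        }
        END { emit() }
    '
}

# Number of SAs sent as raw ESP, which a NAT passing only TCP/UDP will not forward.
count_raw_esp() {
    classify_sas | awk '$4 == "raw-esp" { n++ } END { print n + 0 }'
}

# Demo on the constructed sample; on a live host (as root): ip xfrm state | classify_sas
sample_xfrm_state | classify_sas
```
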
