Spot on, I had some special iptable rules that inadvertetly blocked this return
traffic, in combination with only running Charon on public interfaces. After
removing the rule and enabling Charon on br0 it all started to work.
Thank you.
However, now I'm experiencing a new problem. After a very short time, like in
max a minute or maybe two, the traffic completely stops. Looking at ipsec
statusall everything seem to look the same right before as after it happens.
The client is still connected and I'm running an continues ping from both
sides. When changing back to Charon not listening on br0, and disabling
dhcp-plugin, it works without this disruption (but then again, DHCP-plugin
doesnt work). Any ideas?
---- Noel Kuntze skrev ----
On 23.01.2017 01:46, Dusan Ilic wrote:
> Thanks, I have already read it and configured according to those
instructions but without any success.
>
> To me it seems to be the issue that the DHCP server is sending the
offer to its own IP, because Strongswan is also using that IP.
Well, make sure your firewall rules permit the traffic. That could
also make sure the DHCP daemon can respond.
It shouldn't be a problem that both daemons send packets from the same
IP. That setup works without problems for other people.
You have to be doing something special so it doesn't work for you.
--
Mit freundlichen Grüßen/Kind Regards,
Noel Kuntze
GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
On 23.01.2017 01:46, Dusan Ilic wrote:
Thanks, I have already read it and configured according to those instructions
but without any success.
To me it seems to be the issue that the DHCP server is sending the offer to its
own IP, because Strongswan is also using that IP.
Well, make sure your firewall rules permit the traffic. That could also make
sure the DHCP daemon can respond.
It shouldn't be a problem that both daemons send packets from the same IP. That
setup works without problems for other people.
You have to be doing something special so it doesn't work for you.
_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users
