Hi, Create and provide logs. List all information in the format and with the commands as described on the HelpRequests page.
Kind regards Noel On 06.01.2018 07:15, Sujoy wrote: > Hi All, > > We are able to connect to StrongSwan IPSec using LAN IP. But in the same > system which is having Public IP with NAT trying to connect it says one > connecting only. Connection could not establish. > > Someone can please help me in solving this. > > > Thanks & Regards > > > On Thursday 04 January 2018 07:16 PM, Noel Kuntze wrote: >> Not on openwrt. But you need plaintext or AD like passwords in LDAP. >> Otherwise you can't auth with mschap(v2). >> >> On 04.01.2018 14:38, Giuseppe De Marco wrote: >>> Yes Noel and thank you, my question is: >>> Is there any experiences about running strongswan in openwrt as ikev2 >>> server with mschap,radius,ldap auth backend? >>> >>> 2018-01-04 14:17 GMT+01:00 Noel Kuntze >>> <noel.kuntze+strongswan-users-ml@thermi.consulting >>> <mailto:noel.kuntze+strongswan-users-ml@thermi.consulting>>: >>> >>> Hi, >>> >>> `ipsec` is just a command line tool. It's not a daemon (or generally a >>> service). >>> Are there any open questions? >>> >>> Kind regards >>> >>> Noel >>> >>> On 04.01.2018 14:14, Giuseppe De Marco wrote: >>> > Hi and thank you Noel, >>> > I meant to run ipsec and charon in the embedded openwrt router, I use >>> dpd as well >>> > >>> > # dead-peer detection to clear any "dangling" connections in case >>> the client unexpectedly disconnects >>> > dpdaction=clear >>> > # If the tunnel has no traffic for this long (default 30 secs), >>> Charon will send a dead peer detection packet. The value 0 means to not >>> send such packets, relying on ordinary traffic, which will occur at least >>> once an hour, which is the default rekeying lifetime. >>> > dpddelay=33s >>> > # DPD Retries : 3 >>> > dpdtimeout=300s >>> > >>> > Running strongswan in a 18-70$ openwrt router is very usefull in many >>> way >>> >>> >
signature.asc
Description: OpenPGP digital signature