It's because you're doing it wrong. You must *not* use the dhcp plugin of strongSwan to request the IP. Have Windows do a DHCP request over the VPN (according to the article it should do that). The dhcp plugin does something completely different.
On 09.08.2018 08:07, Christian Salway wrote: > Perhaps the answer is to set the attr DHCP to the IP of the DHCP server > inside the VPN but then still, how does the client know how to route to the > IP address. > > There doesn’t seem to be a solution for this even though all the parts are > there. > >> On 8 Aug 2018, at 15:15, Noel Kuntze >> <noel.kuntze+strongswan-users-ml@thermi.consulting> wrote: >> >> Hello Christian, >> >> I guess the native Mac OSX client just doesn't support being connected to >> more than one server, so this can't be solved with it. >> >> For Windows, you need to setup and run a DHCP server on the VPN server, >> which answers the DHCP requests that Windows (uniquely and only Windows!) >> sends over the VPN. You can use that to push routes to the client. Just use >> the same options as with "real" DHCP clients, requesting configuration >> from/on the LAN. This is described in the article about Windows >> interoperability[1]. >> >> [1] >> https://wiki.strongswan.org/projects/strongswan/wiki/WindowsClients#Split-routing-on-Windows-10-and-Windows-10-Mobile >> >> Kind regards >> >> Noel >> >>> On 07.08.2018 09:07, Christian Salway wrote: >>> Hello all, >>> >>> After several months of using strongSwan, I still can't get the routing to >>> work correctly on the clients. I have run out of pages to read on the >>> strongswan website so I hope you can help me out. >>> >>> The problem is when I connect to strongSwan, the routing is not configured >>> correctly on the clients (OSX and Windows) - using native (built-in) >>> clients. All updated with the latest patches/updates. >>> >>> OSX will set up a route based on the local_ts but when I open a >>> simultaneous connection to another strongSwan server, it removes the route >>> from the first VPN connection and adds it's own based on the local_ts. >>> >>> WINDOWS doesnt add the route at all. >>> >>> In either cause, I normally have to manually add the routes in. >>> >>> Has anyone had any success? Can they please shed some light as to how they >>> achieved it? >>> >>> >>> Kind regards, >>> >>> *Christian Salway* >>> IT Consultant - *Naimuri* >>> >>> T: +44 7463 331432 >>> E: christian.sal...@naimuri.com <mailto:christian.sal...@naimuri.com> >>> A: Naimuri Ltd, Chandlers Point, Manchester M50 2UW >>> >>
signature.asc
Description: OpenPGP digital signature
