You need to set “sysctl net.ipv4.ip_forward=1” on the host running Strongswan.
On Thu, Mar 28, 2019 at 6:25 PM xalloc <[email protected]> wrote: > Sorry if I didn't explain properly this part in the OP, the gateway is an > hardware firewall. We use its IPSEC. > So no way to set that system value. > > > ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ > Il giovedì 28 marzo 2019 16:13, Brian Colby <[email protected]> ha > scritto: > > > Did you add “sysctl net.ipv4.ip_forward=1” on the gateway, as described > on the page I sent? > > On Mar 28, 2019, at 02:23, xalloc <[email protected]> wrote: > > Do you mean forwarding client-side? I can't setup that, clients use both > Windows and Linux, I need to provide them only the strongswan > configuration. Everything should be handled only by Strongswan and the > Gateway. > > Am I missing something on the page you linked? > > > > ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ > Il mercoledì 27 marzo 2019 17:25, Brian Colby <[email protected]> > ha scritto: > > > Hi Xalloc, > > If you’re connecting but not passing traffic, you may not have forwarding > setup properly. Have you checked out this page? > https://wiki.strongswan.org/projects/strongswan/wiki/ForwardingAndSplitTunneling > > R/s, > Brian > > On Mar 27, 2019, at 02:48, xalloc <[email protected]> wrote: > > Any kind soul please? > > > ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ > March 18 2019 10:18, xalloc <[email protected]> wrote: > > Hello, I'm setting up swanctl configuration file to connect to my company > VPN but I'm missing something. > > [...] > > From those messages seems it can connect but when I ping something (even > DNS) nothing works. > > > > > >
