Hi, Please share with us your Strongswan configuration, $ iptables-save output and $ ip xfrm policy output
Also, a brief description of which network/host needs to ping which network/host. eg: 172.16.20.14 needs to ping 10.0.10.50 over the VPN server at 172.16.20.1 On Sat, Dec 21, 2019 at 12:37 AM Dušan Ilić <[email protected]> wrote: > > > > ---- Dušan Ilić wrote ---- > > Hi, > > > I have configured a roadwarrior ikev2 strongswan setup with DHCP. > > Everything works when I assign the dhcp scope a separate subnet, but when I > assign IPs from the same subnet it doesn't work. The strange thing is that > the client can still connect and the gateway and other local clients can > reach the VPN client with ping, but not the other way around. So the client > responds to pings, but cannot itself ping or reach anything. > > > I have checked iptables rules, routing tables and nat. Everything looks just > fine. Also farp plugin is enabled. > > > Do anyone recognize this behavior, if not, how should I go about > troubleshooting this?
