Questions tagged [strongswan]

65 questions
4
votes
2 answers

How can I route only a particular subnet to the StrongSwan VPN but not my whole traffic on linux?

I have no particular competences on networking, so I'll do my best to explain my needs. On my Linux laptop I'm running StrongSwan (with NetworkManager) to connect to a particular VPN with IPsec. This VPN lets me reach these kinds of IPs…
Codemix
3
votes
3 answers

Windows client cannot connect to StrongSwan: "EAP-Identity request configured, but not supported"

I've followed this tutorial to set up a StrongSwan VPN server, with the exceptions that I was using Debian 9, and that I used certs I already had from Let's Encrypt instead of standing up a CA. However, I still cannot connect to the VPN server. When…
dddddddd207
3
votes
1 answer

strongSwan - no matching peer config found

I am trying to set up strongSwan to configure an iPhone to it but I am getting an error that I have trouble overcoming. no matching peer config found The complete debug log is as follows: root@vpn-test:/home/ubuntu# ipsec start --nofork…
Bogdan
2
votes
1 answer

How to configure strongSwan to trust a raw RSA key

I need to use raw RSA keys for IKEv2 authentication (for testing purposes), but am not able to configure strongSwan (5.1.2) to "trust" them for remote authentication. ipsec.conf: conn %default left=%defaultroute …
Kimvais
2
votes
0 answers

IKEv2 VPN connected but no Internet

There are a lot of questions on SE regarding this and I tried nearly all of them. Unfortunately none solved my problem. I followed the instruction on DigitalOcean, but adapted it a little to fit my OS (openSuSE Leap 42.3). To be clear,…
Ryan
2
votes
0 answers

Strongswan enable ESP packets hardware acceleration

My Linux kernel already supports CESA hardware acceleration, and openssl can use this feature: # openssl speed -evp des3 -elapsed # cat /proc/interrupts | grep cesa 51: 464810 GIC cesa0 52: 464811 GIC cesa1 And I have enabled…
2
votes
1 answer

Strongswan 5.5.0 RSA sigkeys

I'm setting up an IPSec connection between two Strongswan clients using RSA "sigkeys." The documentation says that leftsigkey and rightsigkey are used to provide the public RSA keys for the two participants but I don't know how to provide the…
mgperkow
1
vote
1 answer

Routing 192.168.XX.XX address through local 192.168.1.1 instead of VPN

The problem lies on my side. The IP address I'm trying to resolve is 192.168.4.201 which routes through 192.168.1.1 (my local area network) instead of routing through VPN (10.10.X.X). How do I force 192.168.4.201 to always route through VPN 10.10.x.x…
user2207495
1
vote
0 answers

StrongSwan 5.9.1 (Debian Bullseye): Traffic from IPsec tunnel gets forwarded via Ethernet, but not via bridge

The following problem: I have a server that is, in addition to other tasks not relevant for the problem at hand, supposed to act as an IPsec gateway. When I'm using the Ethernet interface pointing to the 'Net for handling IPsec traffic and sending…
Robidu
1
vote
0 answers

Configuring proxy Squid under Strongswan private network

I cannot connect to Proxy Server (Squid) from my computer (Windows 10) via VPN (StrongSwan, IKEv2) on my VPS (CentOS 8). I have no idea what I'm doing, so please bear with me! Port in firewall-cmd is opened, firewall restarted. My computer is…
Nickers
1
vote
1 answer

How to configure strongSwan eap-radius with FreeRadius for EAP-MSCHAPv2 authentication?

I am trying to configure a strongSwan IPsec VPN with RADIUS authentication. The actual EAP-MSCHAPv2 authentication to FreeRadius with OpenLDAP for username/passwords is successful, but then I am stuck with the following error message: Jul 15…
apohl
1
vote
1 answer

Strongswan VPN certificate authentication failed

I've installed strongSwan VPN on my Ubuntu server. Set up certificate authentication. I've set up my Android phone and it works fine. But the connection was not established on the Windows machine. I copied ca-cert into root ca and client certificate into…
1
vote
1 answer

Strongswan & Windows client: connection freezes in a few minutes

On an AWS VPS, I installed Strongswan to use it as a VPN. It works fine with iPhone client. However, when I try to connect from a Windows client, the SA connection gets established successfully and works fine for a few minutes, but after a few…
m. vokhm
1
vote
0 answers

routing to virtual ip address

I have a Linux box that establishes a StrongSwan VPN connection. As I understand it, this creates a virtual IP address where packets are routed to so they get into the tunnel. I have other Linux boxes on the same subnet. I would like packets that…
1
vote
0 answers

Strongswan: Two cert-based ike2 connections in parallel: Conflict?

Any help on the following issue is highly appreciated: I cannot use the two cert-based connections below (conn one and conn two) in parallel. Individually (so commenting out one of them), they work perfectly (so the locally installed ca-certs as…