[Swan] Help!!

Antonios Katsouros akatsourossony at gmail.com
Thu Jan 10 09:36:27 UTC 2019


On Thu, Jan 10, 2019 at 12:27 PM <swan-request at lists.libreswan.org> wrote:

> Send Swan mailing list submissions to
>         swan at lists.libreswan.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         https://lists.libreswan.org/mailman/listinfo/swan
> or, via email, send a message with subject or body 'help' to
>         swan-request at lists.libreswan.org
>
> You can reach the person managing the list at
>         swan-owner at lists.libreswan.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Swan digest..."
>
>
> Today's Topics:
>
>    1. Re: Dropping AUTH message containing INITIAL_CONTACT on OSX
>       and Win10 (Derek Cameron)
>    2. Help!! (Antonios Katsouros)
>    3. Re: Help!! (Nick Howitt)
>    4. Re: Help!! (Bruno de Paula Larini)
>    5. Re: Dropping AUTH message containing INITIAL_CONTACT on OSX
>       and Win10 (Paul Wouters)
>    6. Re: Help!! (Antonios Katsouros)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Wed, 9 Jan 2019 07:47:43 -0800
> From: Derek Cameron <dcamero2016 at gmail.com>
> To: Paul Wouters <paul at nohats.ca>
> Cc: swan at lists.libreswan.org
> Subject: Re: [Swan] Dropping AUTH message containing INITIAL_CONTACT
>         on OSX and Win10
> Message-ID:
>         <CAEW6Rjf5GfK2t=
> YbXuPN0tTatHkuVgzTXn-mchFqZtHffC-T0A at mail.gmail.com>
> Content-Type: text/plain; charset="UTF-8"
>
> Thanks for your help. You're welcome to copy and paste anything you
> like from my blog post
>
> https://dc77312.wordpress.com/2019/01/09/libreswan-ipsec-ikev2-vpn-on-rhel-8-beta-server-and-windows-10-client/
>
> On Tue, Jan 8, 2019 at 8:08 AM Paul Wouters <paul at nohats.ca> wrote:
> >
> > Right. that changes the setting from EAP-TLS to Machine Certificate. I
> > will add this to the FAQ section. Thanks!
> >
> > Under properties and TCP I believe there is an option for "send all
> > traffic via VPN"
>
>
> ------------------------------
>
> Message: 2
> Date: Wed, 9 Jan 2019 19:56:27 +0300
> From: Antonios Katsouros <akatsourossony at gmail.com>
> To: swan at lists.libreswan.org
> Subject: [Swan] Help!!
> Message-ID:
>         <CAPOZpEowY+8uzxpFL-=bujNqDhnM86E_4FNVX=kN1O0S=
> hLPEA at mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> Dear all!!
>
> newbie in list with a serious problem...
>
> I installed Libreswan through a vpn script ( this one :
> https://github.com/hwdsl2/s... !.. Please I need your help... When the vpn
> is establised, I need to add a route on the server (manually currently) in
> order to access the network inside.
>
> My connection seems not that stable so every time the vpn falls and
> reconnects, the route is lost from the server. So I have to go again to
> server and add the route ( route add -net 192.168.61.0/24 gw 10.50.20.2 ).
> Is there a way I can do this automatically??? So when the VPN is down and
> reconnects, after reconnection, the server runs automatically this route on
> its self ( route add -net 192.168.61.0/24 gw 10.50.20.2 ) .
>
> 10.50.20.1 is the server, 10.50.20.2 is the other side (client) which also
> is on the rest network behind.
>
> Please can somebody help???
>
> Hundreds of thanks in advance
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> https://lists.libreswan.org/pipermail/swan/attachments/20190109/45d4e009/attachment-0001.html
> >
>
> ------------------------------
>
> Message: 3
> Date: Wed, 9 Jan 2019 17:00:34 +0000
> From: Nick Howitt <nick at howitts.co.uk>
> To: swan at lists.libreswan.org
> Subject: Re: [Swan] Help!!
> Message-ID: <491d0268-c544-e101-cd6d-f2793b929f9e at howitts.co.uk>
> Content-Type: text/plain; charset="us-ascii"
>
> An HTML attachment was scrubbed...
> URL: <
> https://lists.libreswan.org/pipermail/swan/attachments/20190109/6e8627bf/attachment-0001.html
> >
>
> ------------------------------
>
> Message: 4
> Date: Wed, 9 Jan 2019 15:14:54 -0200
> From: Bruno de Paula Larini <bruno.larini at riosoft.com.br>
> To: swan at lists.libreswan.org
> Subject: Re: [Swan] Help!!
> Message-ID: <48fa261d-deaa-37fe-cac1-7465062bcf3a at riosoft.com.br>
> Content-Type: text/plain; charset="utf-8"; Format="flowed"
>
> Em 09/01/2019 14:56, Antonios Katsouros escreveu:
> > My connection seems not that stable so every time the vpn falls and
> > reconnects, the route is lost from the server. So I have to go again
> > to server and add the route ( route add -net 192.168.61.0/24
> > <http://192.168.61.0/24> gw 10.50.20.2 ). Is there a way I can do this
> > automatically??? So when the VPN is down and reconnects, after
> > reconnection, the server runs automatically this route on its self (
> > route add -net 192.168.61.0/24 <http://192.168.61.0/24> gw 10.50.20.2 )
> .
> >
> > 10.50.20.1 is the server, 10.50.20.2 is the other side (client) which
> > also is on the rest network behind.
> >
> I had a similar issue some months ago. You can add the "leftsourceip"
> parameter to the config so the server will know the way to the other
> side of the tunnel. Example: leftsourceip=10.50.20.1
> Then you can stop adding the route manually.
>
> -Bruno
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> https://lists.libreswan.org/pipermail/swan/attachments/20190109/895ee884/attachment-0001.html
> >
>
> ------------------------------
>
> Message: 5
> Date: Wed, 9 Jan 2019 13:07:09 -0500 (EST)
> From: Paul Wouters <paul at nohats.ca>
> To: Derek Cameron <dcamero2016 at gmail.com>
> Cc: swan at lists.libreswan.org
> Subject: Re: [Swan] Dropping AUTH message containing INITIAL_CONTACT
>         on OSX and Win10
> Message-ID: <alpine.LRH.2.21.1901091303160.6009 at bofh.nohats.ca>
> Content-Type: text/plain; charset=US-ASCII; format=flowed
>
> On Wed, 9 Jan 2019, Derek Cameron wrote:
>
> >
> > Thanks for your help. You're welcome to copy and paste anything you
> > like from my blog post
> >
> https://dc77312.wordpress.com/2019/01/09/libreswan-ipsec-ikev2-vpn-on-rhel-8-beta-server-and-windows-10-client/
>
> Thanks, I'll see about merging it onto the libreswan wiki. Thanks for
> the permission!
>
> Some notes:
>
> - Please use "libreswan" or "Libreswan", not "LibreSwan" :)
> - Does it survive rekeying? You might want/need to add
>    msdh-downgrade=yes to allow rekeying without or with wrong/bad
>    DH group 1024 (perhaps the latest Windows build fixed this?)
> - I think you can fixup the authentication without using powershell,
>    but I would have to reclick through a windows box again to remember
>    how I did that.
>
> Paul
>
>
> ------------------------------
>
> Message: 6
> Date: Thu, 10 Jan 2019 12:27:13 +0300
> From: Antonios Katsouros <akatsourossony at gmail.com>
> To: swan at lists.libreswan.org
> Subject: Re: [Swan] Help!!
> Message-ID:
>         <
> CAPOZpEphAsE9kwA7N2McUGoOK77JpMzGsKX9Nuz+DmYLsgQ1Qg at mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> Dear All,
>
> can please somebody help???? Please... your help is higlhy appreciated.
>
> many thanks
>
> On Wed, Jan 9, 2019 at 7:56 PM Antonios Katsouros <
> akatsourossony at gmail.com>
> wrote:
>
> > Dear all!!
> >
> > newbie in list with a serious problem...
> >
> > I installed Libreswan through a vpn script ( this one :
> > https://github.com/hwdsl2/s... !.. Please I need your help... When the
> > vpn is establised, I need to add a route on the server (manually
> currently)
> > in order to access the network inside.
> >
> > My connection seems not that stable so every time the vpn falls and
> > reconnects, the route is lost from the server. So I have to go again to
> > server and add the route ( route add -net 192.168.61.0/24 gw 10.50.20.2
> > ). Is there a way I can do this automatically??? So when the VPN is down
> > and reconnects, after reconnection, the server runs automatically this
> > route on its self ( route add -net 192.168.61.0/24 gw 10.50.20.2 ) .
> >
> > 10.50.20.1 is the server, 10.50.20.2 is the other side (client) which
> also
> > is on the rest network behind.
> >
> > Please can somebody help???
> >
> > Hundreds of thanks in advance
> >
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> https://lists.libreswan.org/pipermail/swan/attachments/20190110/9c04eb8d/attachment.html
> >
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> Swan mailing list
> Swan at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan
>
>
> ------------------------------
>
> End of Swan Digest, Vol 73, Issue 3
> ***********************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20190110/ea3c0153/attachment-0001.html>


More information about the Swan mailing list