[Swan] Help with IKEv1 roadwarrior to subnet?
mx2927 at gmail.com
Sat Nov 14 18:07:12 UTC 2020
I'm trying to set up a remote VPN access, and for simplicity I am
starting with IKEv1 & PSK (the final setup will be IKEv2 & certs, but
I'd rather figure this out first).
I am able to establish a connection from client to server, and access
all services on the server itself (http, ssh, ...) but I'm stuck at the
point that I can't access any other host at the server site (e.g.
Thanks in advance for any help!
On the server site:
UDP ports 500, 4500, and 50 are being NAT forwarded from the public
gateway to the ipsec server at 192.168.0.27, subnet is 192.168.0.0/24
server config is:
# left=XXX.XXX.XXX.XXX # public IP of the gateway
leftid=XXX.XXX.XXX.XXX # public IP of the gateway
client site is supposed to be dynamic IP, behind a gateway at
192.168.1.25, subnet is 192.168.1.0/24
right=XXX.XXX.XXX.XXX # public IP of the gateway at server site
(Maybe it's worth mentioning that the server is running libreswan 4.1 on
Fedora 32, the client is with 3.30 on Fedora 30)
More information about the Swan