[Swan] Road warriors and dhcp

Paul Wouters paul at nohats.ca
Sun Jan 3 17:04:02 UTC 2021

On Sat, 2 Jan 2021, Alex wrote:

> The windows client obtains an IP on the network, but
> apparently only because of the rightaddresspool= statement - it
> doesn't appear the dhcp server is being consulted at all.

Correct. libreswan does not consult a DHCP server. It assumes it has
full authority to assign anything from its given addresspool.

> I also can't ping the router on, so while the VPN is
> connected, there's really no connectivity to the network
> or the corporate LAN network.

That seems more likely to be a generic routing/firewall issue than a
VPN issue. Make sure the VPN server has an IP in the addresspool range
(could be an additional IP on the physical network card). Then try
and ping from your regular network to the IP on your VPN server.

Also ensure you are not accidentally NATing the new
range elsewhere in your network.


More information about the Swan mailing list