[Swan] Road Warrior config
brendan kearney
bpk678 at gmail.com
Mon Aug 16 18:05:45 UTC 2021
I have a road warrior config set up, and the tunnel establishes without
issue. The problem I cannot track down is why the client never
receives a reply (properly?). If I ping anything, or send any other
traffic down the tunnel, I can see it on the "server" side. In the
case of pings, I can see the response, but the client does not
register the reply. There are no firewalls in the path or running
locally on either the client or the server. Where can I look for why
traffic is not registering with the client (I believe it's actually
getting to the client)?
client config:
# Remote Access Connection
conn rac
    # Connection Parameters
    auto=add
    authby=secret
    #type=transport
    ikev2=insist
    ikelifetime=24h
    salifetime=1h
    rekey=yes
    fragmentation=yes
    compress=yes
    # Dead Peer Detection
    dpddelay=30
    dpdtimeout=120
    dpdaction=clear
    # Local Definitions
    left=%defaultroute
    #leftsubnet=0.0.0.0/0
    leftid=munin.bpk2.com
    leftmodecfgclient=yes
    # Remote Definitions
    right=router-ext.bpk2.com
    rightsubnet=0.0.0.0/0
    # Pull Configs from Remote
    modecfgpull=yes
server config:
# Remote Access Connection
conn rac
    # Configuration Parameters
    auto=add
    authby=secret
    #type=transport
    ikelifetime=24h
    salifetime=1h
    ikev2=insist
    rekey=yes
    fragmentation=yes
    compress=yes
    # Dead Peer Detection
    dpddelay=30
    dpdtimeout=120
    dpdaction=clear
    # Local Definitions
    left=192.168.152.254
    leftsubnet=0.0.0.0/0
    #leftid=ipsec.bpk2.com
    leftid=router-ext.bpk2.com
    # Remote Definitions
    right=%any
    rightid=%any
    #rightsubnet=vhost:%priv,%no
    #rightsubnet=0.0.0.0/0
    rightaddresspool=192.168.152.50-192.168.152.99
    # Push Configs to Remote
    modecfgdns=192.168.120.254
    modecfgdomains=bpk2.com