[Swan] Tunnel is up, but getting udp port xxxx unreachable
Paul Wouters
paul at nohats.ca
Fri Dec 30 01:43:58 EET 2022
On Wed, 21 Dec 2022, Brendan Kearney wrote:
> Subject: [Swan] Tunnel is up, but getting udp port xxxx unreachable
> connecting client is seen replying with ICMP udp port unreachable messages:
> VPN Server config:
> conn rac
>     leftsubnet=0.0.0.0/0
>     right=%any
>     rightaddresspool=192.168.152.50-192.168.152.99
[...]
> VPN Client config:
> conn rac
>     left=%defaultroute
>     leftsubnet=0.0.0.0/0
>     leftmodecfgclient=yes
>     # Remote Definitions
>     right=host.domain.tld
>     rightid=192.168.152.254
>     rightsubnet=0.0.0.0/0
You are handing out IPs in the same /24 as the LAN itself? That might
cause problems if machines in the LAN are a true /24. You would need
proxyarp and what not and it complicates things.
I'd recommend splitting off the addresspool into a real separate network.
Paul
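
A pre-deployment check for the overlap described in the reply above, as an added example that is not part of the original thread or of libreswan. It assumes the LAN is 192.168.152.0/24 (the page does not state the LAN prefix), handles only the `a-b` range form of `addresspool` shown in the quoted config, and its function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample: the server conn quoted in the thread (elided lines left out).
SERVER_CONF = """\
conn rac
    leftsubnet=0.0.0.0/0
    right=%any
    rightaddresspool=192.168.152.50-192.168.152.99
"""

# Assumption: the LAN behind the gateway is a true /24 on this prefix.
LAN = "192.168.152.0/24"

POOL_RE = re.compile(
    r"^\s*(?:left|right)addresspool\s*=\s*([0-9A-Fa-f.:]+)\s*-\s*([0-9A-Fa-f.:]+)\s*$")

def parse_pools(conf_text):
    """Return [(conn_name, first_ip, last_ip)] for each addresspool range found."""
    pools, conn = [], None
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].rstrip()   # drop comments
        if line.startswith("conn "):
            conn = line.split()[1]
            continue
        m = POOL_RE.match(line)
        if m:
            pools.append((conn, ipaddress.ip_address(m.group(1)),
                          ipaddress.ip_address(m.group(2))))
    return pools

def overlap(first, last, lan):
    """Return (first, last) of the addresses shared by pool and LAN, or None."""
    net = ipaddress.ip_network(lan)
    if first.version != net.version:
        return None
    lo = max(first, net.network_address)
    hi = min(last, net.broadcast_address)
    return (lo, hi) if lo <= hi else None

def audit(conf_text, lan):
    """List conns whose lease pool sits inside the LAN (would need proxyarp)."""
    findings = []
    for conn, first, last in parse_pools(conf_text):
        hit = overlap(first, last, lan)
        if hit:
            findings.append((conn, str(hit[0]), str(hit[1])))
    return findings

if __name__ == "__main__":
    for conn, lo, hi in audit(SERVER_CONF, LAN):
        print(f"conn {conn}: pool {lo}-{hi} overlaps LAN {LAN}")
```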