When the Windows client (10) connects to the StrongSwan server, the server's internet IP is lost #2200
-
My server configuration The internet IP of the server is 222.222.222.222 (demo)
I have two Linux clients in two regions that can connect normally and use their connection pools. But once I connect to Windows. When the Windows client is not connected. Anyone, including my Linux client, can ping normally 222.222.222.222 After Windows client authentication and login, no one, including my Linux client, can ping 222.222.222.222
The problem may occur on the traffic selector of the server configuration I am very confused. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 18 replies
-
Don't configure this when assigning virtual IPs from a pool, just keep it to the default ( |
Beta Was this translation helpful? Give feedback.
You can only match multiple identities via wildcards (e.g.
*@strongswan.org
). And it will only work if clients actually send useful IKE identities (e.g. Windows doesn't if EAP authentication is used, it just sends the private IP address). Matching the server identity has a similar issue as some clients don't send a remote identity (again, Windows is one of them, strongSwan's Android client as well, by default). But either might be OK, if you want to use one of the connections only for very specific clients (that can send a proper local or remote IKE identity), and the other connection (that hasn't configured any specific local or remote identity) is the fallback for all other clients. And…