Project

General

Profile

Issue #3463

Strongswan client sending ike messages in private(tunnel) ip instead of public(outer) ip when TS list is 0.0.0.0/0

Added by Karthik Adiga about 1 month ago. Updated about 1 month ago.

Status:
Feedback
Priority:
Normal
Assignee:
-
Category:
-
Affected version:
5.2.2
Resolution:

Description

Why is it strongswan client sending ikev2 messages(any) with source ip as private/inner ip instead of outer ip. This problem was not seen in strongSwan 5.2.0, Linux 3.10.49-perf, armv7l version. But finding it in strongSwan 5.2.2, Linux 3.10.84-perf, armv7l

History

#1 Updated by Karthik Adiga about 1 month ago

Please help in addressing the above issue

#2 Updated by Tobias Brunner about 1 month ago

  • Category deleted (kernel-interface)
  • Status changed from New to Feedback
  • Assignee deleted (Martin Willi)
  • Priority changed from High to Normal

Why is it strongswan client sending ikev2 messages(any) with source ip as private/inner ip instead of outer ip.

What exactly does that mean? Anyway, check your routing tables.

This problem was not seen in strongSwan 5.2.0, Linux 3.10.49-perf, armv7l version. But finding it in strongSwan 5.2.2, Linux 3.10.84-perf, armv7l

Both of these versions are very old, as are the kernel versions.

#3 Updated by Karthik Adiga about 1 month ago

With same routing tables with strongSwan 5.2.0, Linux 3.10.49-perf, armv7l version ikev2 messages are going with actual IP address, where as with the other format ikev2 messages are flowing with tunnel ip address. Any routing related changes got hit in later version of kernel. New to this ipsec, can you please help? Thanks in advance.

#4 Updated by Tobias Brunner about 1 month ago

I can't, sorry.

Also available in: Atom PDF