strongSwan

22.01.2019

11:46 strongSwan Wiki edit: Swanctlconf (#29)

11:06 strongSwan Issue #2870: DNS resolution outside of tunnel if DNS server is in remote TS

> That would counteract the desire to have a VPN to provide privacy. Using a passthrough policy would make all traffi...

10:01 strongSwan Issue #2888: Virtual IP keeps changing for same client

> So if uniqueids=no, the client would get the same IP again?
No, with _uniqueids=yes_ the old IKE_SA would get cl...

21.01.2019

10:51 strongSwan Issue #2893 (Feedback): leftupdown script called multiple times

> If leftsubnet has multiple subnets in it (for split tunneling), it appears leftupdown gets called multiple times.
...

10:49 strongSwan Issue #2889: forecast issues mark=%unique stalls connection

> But after trying connect via IPv4 (ssh -4 root@192.168.2.240), the result was the same, e.g. connection timeout.
...

10:42 strongSwan Issue #2888: Virtual IP keeps changing for same client

> Looks like the client be reconnecting and strongswan is not releasing the previous address and assigning a new one....

10:34 strongSwan Issue #2892: ipsec status flapping between ESTABLISHED and CONNECTING

> Aso, wondering where is `ppp` interface... It must be created during connection initialization, isn't it?
IPsec ...

18.01.2019

14:46 strongSwan Issue #2892: ipsec status flapping between ESTABLISHED and CONNECTING

> Just reading the manpage here https://linux.die.net/man/5/ipsec.conf:
That's not strongSwan's ipsec.conf man pag...

14:29 strongSwan Issue #2889: forecast issues mark=%unique stalls connection

Thanks. When you try to connect with SSH, from which IP to what IP is that? Is that by any chance via IPv6? Because t...

14:21 strongSwan Issue #2892 (Feedback): ipsec status flapping between ESTABLISHED and CONNECTING

> After `ipsec` service started - it makes a "successful" connection and right after it - it starting making a new co...