General

Profile

Tobias Brunner

Issues

Projects

Activity

29.05.2020

15:02 strongSwan Revision 5f8600e6: ikev2: Ensure ALERT_RETRANSMIT_SEND_CLEARED is triggered
ikev2: Ensure ALERT_RETRANSMIT_SEND_CLEARED is triggered
If a MOBIKE task is deferred, the retransmission counter is...
09:43 strongSwan Issue #3364: stongSwan Android APP no keep-alive / MOBIKE are sent during sleep
> The Beta Version 2.2.2 solved my Problem of stalling VPN Connections. 6 days without disconnect with a Android 10 P...

28.05.2020

18:21 strongSwan Wiki edit: StrongswanConf (#189)
Note about spdh_thresh obsoletion
17:30 strongSwan Issue #3468 (Feedback): [site2site IKEv2] Route rule 220 assigns my own gateway instead remote peer
> I noticed that routing rule 220 assigns ( via <IP> ) the IP of the remote peer, but in my case my 220 rule assigns ...
10:02 strongSwan Issue #3467 (Feedback): When ipsec tunnel configured with subnet %any %any for both side, could we access local service from lan side?
Using 0.0.0.0/0 on both sides only works if you e.g. use marks (so only selected traffic is tunneled), or route based...

27.05.2020

17:06 strongSwan Issue #3466: routing LAN client traffic through a tunnel - route base IPSEC
> maybe you have an example or a manual on how to do this?
There are a lot of existing plugins.
> does it mean ...
15:49 strongSwan Issue #3466: routing LAN client traffic through a tunnel - route base IPSEC
> I'm not sure which side is narrowing the policy.
As I said before, read the log (_cfg_ on level 2).
> suppose...
15:37 strongSwan Issue #3466: routing LAN client traffic through a tunnel - route base IPSEC
> can I "tell" somehow the Cisco not to narrow it ?
No idea.
> it is only up to the Cisco to decide ?
If it'...
14:55 strongSwan Issue #3466: routing LAN client traffic through a tunnel - route base IPSEC
> above the Tunnel BGP should run base on this address. so I have to work in route base mode to have the tunnel ip fo...
14:36 strongSwan Issue #3463: Strongswan client sending ike messages in private(tunnel) ip instead of public(outer) ip when TS list is 0.0.0.0/0
I can't, sorry.

Also available in: Atom