Internet access with L2TP VPN server on StrongSwan, how to add routing?

T

twister98862021-11-20 05:33:22

VPN

twister9886, 2021-11-20 05:33:22

I did everything according to the instructions for StrongSwan to set up an L2TP VPN server, the connection to the server is working.
I ping curl -I google.com from the server console - everything is OK, from the client - no

From the client, the addresses "inside" the server are "visible", that is, from the client console curl -I XX.XXX.XX.XX:80 - OK

However , the external Internet is "not visible" from the client, although it indicated ms-dns 8.8.8.8

maybe I need to add route add in the console on the server? Need to configure Routing?

Currently on Ubuntu
IPv4 address for eth0: XX.XXX.XX.XX
IPv4 address for ppp0: 10.2.3.1

ipsec.conf config

conn rw-base
    fragmentation=yes
    dpdaction=clear 
    dpdtimeout=90s
    dpddelay=30s

conn l2tp-vpn
    also=rw-base
    ike=aes128-sha256-modp3072
    esp=aes128-sha256-modp3072
    leftsubnet=%dynamic[/1701]
    rightsubnet=%dynamic
    mark=%unique
    leftauth=psk
    rightauth=psk
    type=transport
    auto=add

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

AlexVWill, 2021-11-20
@twister9886

connect clients to the server and show
ip routeand ip xfrm policyon the server
do it on the client
traceroute google.com
traceroute 216.58.204.142
to understand the route and is there a problem with DNS