I'm now configuring strongswan server and want to test using strongswan android client.
I configured ipsec.conf, strongswan.conf and ipsec.secrets as follows and I could not login from the android client.
Can anybody please give me some advice or suggestion what I did wrong?
curious on how to restrict strongswan MTU size without reducing the MTU on the physical interface on which it's running. I'm finding lots of ways to do it via iptables MSS clamping, but that appears to only work for TCP; strongswan (5.1.3) appears to be using encapsulated UDP, as far as my packet captures can tell.
I think this is a ubuntu question but also involves strongswan so my apologies if I am posting to the improper place. I need some advice on using NAT with strongswan in an AWS VPC. The VPN negotiates a connection but I cannot ping the far host 172.16.1.52 and I am told ICMP is open on the far end. What if anything am I missing?
When I try to start ipsec to load new configuration i get:
Starting strongSwan 4.3.5 IPsec [starter]...
/etc/ipsec.conf:41: unknown keyword 'plutoopts' ["--interface=eth0"]
unable to start strongSwan -- fatal errors in config
who can give me something advise, thanks!
my configure file was below:
1# ipsec.conf - strongSwan IPsec configuration file
3# basic configuration