Ubuntu – Strongswan (IKEv2) not routing after connection established

networkingstrongswanUbuntuvpn

Here is the issue:

I have Linux strongSwan U5.3.5/K4.4.0-72-generic running on Ubuntu 16.04.2 LTS with a Windows 10 Pro client. I have the system set up and am able to tell the client to connect to the server. When a connection is made, the client states that the connection has no internet access. Being the upstanding internet researcher that I am, I did a quick google search to see if this was a common issue in hopes of a simple solution. This search has led me to believe that my iptables configuration may be wrong.

More background which may be helpful:

I have already set ipv4/ipv6 forwarding to enabled in sysctl.

My network interfaces file looks like the following:

auto lo
iface lo inet loopback

auto ens3
iface ens3 inet dhcp

my iptables -L outputs the following:

root@hydrogen:~# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh
ACCEPT     all  --  anywhere             anywhere
ACCEPT     udp  --  anywhere             anywhere             udp dpt:isakmp
ACCEPT     udp  --  anywhere             anywhere             udp dpt:ipsec-nat-t
DROP       all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  10.10.10.1           anywhere             policy match dir in pol ipsec reqid 4 proto esp
ACCEPT     all  --  anywhere             10.10.10.1           policy match dir out pol ipsec reqid 4 proto esp
ACCEPT     all  --  10.10.10.1           anywhere             policy match dir in pol ipsec reqid 18 proto esp
ACCEPT     all  --  anywhere             10.10.10.1           policy match dir out pol ipsec reqid 18 proto esp
ACCEPT     all  --  10.10.10.0/24        anywhere             policy match dir in pol ipsec proto esp
ACCEPT     all  --  10.10.10.0/24        anywhere             policy match dir out pol ipsec proto esp
DROP       all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

I have looked at the following questions but have not found a helpful solution:

Strongswan (IKEv2) connection established, but no traffic routing

StrongSwan ikev2 routing through VPN in Windows 10

Traffic cannot be routed despite Strongswan VPN connection being established

Best Answer

Had a similar issue, By Setting this "sysctl -w net.ipv4.ip_forward=1" browsing worked.

Related Topic