I have setup Strongswan on Ubuntu 14.04 from the official package. I use IKEv2 with PKI authentication and a custom authorization plugin. This works great for Android and Ubuntu clients using strongswan but not when using the Native Windows 7/8 IKEv2 client.(Machine certificates authentication). I connect to the VPN server just fine, but on the Status tab for the vpn interface it shows this:
and as you can guess I can't access anything as I have broken routing.
I have censored the IP details, Client IPv4 is correctly an IP assigned from the strongswan pool at the VPN subnet. (it's no-NAT, all addresses are public routable except the origin address which is behind my home NAT router)
Best Answer
SOLVED:
You should specify 0.0.0.0/0 for rightsubnet for windows config, the Windows IPsec client isn't "smart enough" to handle split tunneling.