Code Monkey home page Code Monkey logo

Comments (5)

hwdsl2 avatar hwdsl2 commented on May 8, 2024

@ondrejmirtes The VPN clients are assigned IPs starting from 192.168.42.10 within the VPN. The default setup already enables VPN clients to connect to each other. The VPN server will forward traffic among them.

For example, if your home server is assigned 192.168.42.10, other VPN clients can use this IP to connect to it. If unable to connect, check the firewall on your home server. It must allow access from 192.168.42.0/24.

from setup-ipsec-vpn.

ondrejmirtes avatar ondrejmirtes commented on May 8, 2024

Thanks a lot. I can definitely ping between my other devices through the VPN so the issue will be the firewall on my homeserver. I will let you know after I fixed it.

One more issue I'm facing (I realize I'm asking general VPN questions, but you have expertise with the stack I'm using so I'd be glad if you helped me): The client on the homeserver disconnects from the VPN after minutes of inactivity. How can I fix it to be persistent connection? Should I just reconnect after each disconnect or are there any config values I can tune? Is dpdtimeout/dpdaction related to that? Thank you!

from setup-ipsec-vpn.

hwdsl2 avatar hwdsl2 commented on May 8, 2024

@ondrejmirtes You're welcome. Please check and remove any "idle" options in /etc/ppp/options.xl2tpd.

To auto reconnect, try dpdaction=restart in ipsec.conf [1]. In addition, here's a working configuration for Linux clients using Strongswan [2]. For Strongswan, also see [3] for how to auto restart the connection.

[1] https://libreswan.org/man/ipsec.conf.5.html
[2] https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/docs/clients.md#linux
[3] https://wiki.strongswan.org/issues/825

from setup-ipsec-vpn.

ondrejmirtes avatar ondrejmirtes commented on May 8, 2024

@hwdsl2 Thank you! One more thing: is there an elegant way how to connect to the VPN after boot? AFAIK he first part of the connection is already done (sudo ipsec up XXXX), but the second part (authenticating by echoing to /var/run/... my credentials) is not, but I'm not sure when can I do it so the connection is already initialized.

from setup-ipsec-vpn.

hwdsl2 avatar hwdsl2 commented on May 8, 2024

@ondrejmirtes The "echoing to /var/run ..." step can be run a few seconds after the "sudo ipsec up" step. Try using the "sleep" command with e.g. a 10-second delay. Adjust this delay as necessary. You can put those commands in /etc/rc.local.

from setup-ipsec-vpn.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.