Posts

Showing posts with the label strongSwan

Linux SNAT with per-connection source address from IP pool

When doing NAT with pool of addresses to choose from (instead of masquerading) Linux insists on always using same IP from pool for particular source IP. Often this is preferred, but not always. To workaround we need to patch kernel a bit.

strongSwan 5.0.1 on Ubuntu 12.04 and 12.10

Could we get any older versions included in distros? kthanksbye

Compiling Strongswan 4.6.4 for Ubuntu 12.04

Debian and Ubuntu are still shipping ancient Strongswan packages. Today I wanted to do some testing with kernel crypto algorithms (af-alg) but Ubuntu Stronsgwan package had them disabled.

Reliable IP over multiple unrealiable IP links with Linux and Strongswan

Some time ago I wrote about how to make multiple unreliable Internet connections function like single reliable Internet connection. That was done using OpenVPN and some iptables trickery. This time we're going to do same without OpenVPN and without iptables.

Strongswan 4.6.2dr3 on Ubuntu 12.04 alpha 1

For some reason latest Strongswan version for Ubuntu is still 4.5.1. See below how to compile and package latest 4.6.2dr3. Not pretty, but works for me when testing new version.