Hi,
I'm trying to use atrongswan as IPSEC server on my Openwrt Router (which is in the DMZ of an ISP router, that part worked before)
Clients can connect to the VPN from the LAN side, but not from WAN.
Ipsec statusall shows the lan ip in the listening IPs section. These are the firewall rules in place:
config rule
option name 'Allow-ESP'
option src 'wan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option proto 'udp'
option dest_port '500'
option target 'ACCEPT'
config rule
option name 'Allow-IKEv2'
option src 'wan'
option proto 'udp'
option dest_port '4500'
option target 'ACCEPT'
config rule
option name 'Allow-AH'
option src 'wan'
option proto 'ah'
option target 'ACCEPT'
However, even with the firewall turned off, I can't connect from WAN. Explicitly setting interfaces_use = wan doesn't help (but seems to work as the connection from LAN is no longer possible).
Any ideas?
Bests,
Daniel