How can I access my own IP under StrongSwan? [MacOS]

-1

I've set up SoftEther VPN on a brand-new Ubuntu 16.04 server and connected macOS, Windows and iOS clients to it.

I've created a Ruby on Rails web server on my MacBook and bound it to my VPN address.

Other clients can access it but not my MacBook - I can't even ping my MacBook's IP from itself.

I had access to my MacBook's VPN IP yesterday - but it suddenly broke, so I can no longer access my own IP.

The same thing happened to my Windows PC - but it can ping its own IP and access the web server from curl. Unfortunately, Edge and Internet Explorer are refusing to load the website (timeout).

I am using a static IP for my MacBook and entered the netmask, gateway and IP in the macOS Network Settings.

How can I fix it so my MacBook and Windows PC can access their own web servers hosted on the VPN IP?

Here is my MacBook's ifconfig:

[mwolfram@mwolfram-macbook ~]$ ifconfig
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
        nd6 options=201<PERFORMNUD,DAD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        ether [mac_address]
        inet6 fe80::2c:78a0:6beb:e171%en1 prefixlen 64 secured scopeid 0x4
        inet 10.13.1.24 netmask 0xffff0000 broadcast 10.13.255.255
        nd6 options=201<PERFORMNUD,DAD>
        media: autoselect
        status: active
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=10b<RXCSUM,TXCSUM,VLAN_HWTAGGING,AV>
        ether [mac_address]
        nd6 options=201<PERFORMNUD,DAD>
        media: autoselect (none)
        status: inactive
fw0: flags=8822<BROADCAST,SMART,SIMPLEX,MULTICAST> mtu 4078
        lladdr [mac_address]
        media: autoselect <full-duplex>
        status: inactive
en2: flags=963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX> mtu 1500
        options=60<TSO4,TSO6>
        ether [mac_address]
        media: autoselect <full-duplex>
        status: inactive
p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
        ether [mac_address]
        media: autoselect
        status: inactive
bridge0: flags=8822<BROADCAST,SMART,SIMPLEX,MULTICAST> mtu 1500
        options=63<RXCSUM,TXCSUM,TSO4,TSO6>
        ether [mac_address]
        Configuration:
                id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
                maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
                root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
                ipfilter disabled flags 0x2
        member: en2 flags=3<LEARNING,DISCOVER>
                ifmaxaddr 0 port 7 priority 0 path cost 0
        media: <unknown type>
        status: inactive
utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000
        inet6 fe80::8cc2:57af:1057:c37f%utun0 prefixlen 64 scopeid 0xa
        nd6 options=201<PERFORMNUD,DAD>
ppp0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
        inet 10.17.0.17 --> 1.0.0.1 netmask 0xffff0000
vpn
mac-osx
ip
l2tp
softether
asked on Server Fault Apr 23, 2017 by Mike Wolfram • edited Apr 24, 2017 by Mike Wolfram

1 Answer

0

I've finally found the answer. I had to add a route linking my VPN IP with my Mac's localhost interface.

sudo route add -net 10.17.0.17 127.0.0.1

Then I enabled that route on every successful VPN connection:

sudo vi /etc/ppp/ip-up
#!/bin/sh
/sbin/route add -net 10.17.0.17 127.0.0.1

And now it works like a charm! Thanks for your comments.

answered on Server Fault May 22, 2017 by Mike Wolfram
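
The hook from the answer above, as an added example that is not part of the original post: it takes the local VPN address from the fourth argument pppd passes to /etc/ppp/ip-up instead of hard-coding 10.17.0.17, and validates it before handing it to a command that runs as root. The function names, the `ppp-route` log tag and the reuse of the same file as ip-down are assumptions of this sketch.

```sh
#!/bin/sh
# Added example: install as /etc/ppp/ip-up (and, optionally, /etc/ppp/ip-down).
# pppd runs it as root with: $1=interface $2=tty $3=speed $4=local IP
# $5=remote IP $6=ipparam, so the VPN address need not be hard-coded.

# Succeed only for a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input is digits and dots only
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the route command for an action (add|delete) and a local VPN address,
# in the same form as the answer's command. Fails on anything unexpected.
route_cmd() {
    case "$1" in
        add|delete) ;;
        *) return 1 ;;
    esac
    is_ipv4 "$2" || return 1
    printf '/sbin/route %s -net %s 127.0.0.1\n' "$1" "$2"
}

# Act only when called with pppd's argument list. Installed under the name
# ip-down, the same file removes the route when the link drops.
if [ "$#" -ge 4 ]; then
    case "$0" in
        *ip-down) action=delete ;;
        *) action=add ;;
    esac
    if cmd=$(route_cmd "$action" "$4"); then
        $cmd             # safe to word-split: built from validated fields only
    else
        logger -t ppp-route "refusing route change for invalid address: $4"
        exit 1
    fi
fi
```

Because pppd executes this file as root, keep it owned by root, executable, and not writable by any other user.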

User contributions licensed under CC BY-SA 3.0