I have the server side configured with ipsec.conf:
config setup
    charondebug="ike 0, enc 0, net 0"

conn %default
    keyexchange=ikev2
    mobike=no
    dpddelay=60
    dpdtimeout=180

conn lp1772705
    left=172.24.26.187
    leftcert=peerCert.der
    leftauth=pubkey
    leftsubnet=8.8.8.8/32
    right=%any
    rightsourceip=172.21.10.0/24
    rightauth=eap-mschapv2
    rightdns=1.1.1.1,1.0.0.1
    eap_identity=%any
    auto=add
With 5.6.2-1ubuntu2.4, I get random garbage as resolvers instead of 1.1.1.1 and 1.0.0.1:
<info> [1576525492.6584] vpn-connection[0x55e5c1c6c810,eab8dcdd-e3a9-44b8-a3f0-fabe804d0d84,"lp1772705",0]: Data: Internal DNS: 128.157.0.100
<info> [1576525492.6584] vpn-connection[0x55e5c1c6c810,eab8dcdd-e3a9-44b8-a3f0-fabe804d0d84,"lp1772705",0]: Data: Internal DNS: 240.14.1.80
but I still get random garbage with 5.6.2-1ubuntu2.5:
The following packages will be upgraded:
   libcharon-standard-plugins (5.6.2-1ubuntu2.4 => 5.6.2-1ubuntu2.5)
   libstrongswan (5.6.2-1ubuntu2.4 => 5.6.2-1ubuntu2.5)
   libstrongswan-standard-plugins (5.6.2-1ubuntu2.4 => 5.6.2-1ubuntu2.5)
   strongswan-charon (5.6.2-1ubuntu2.4 => 5.6.2-1ubuntu2.5)
   strongswan-libcharon (5.6.2-1ubuntu2.4 => 5.6.2-1ubuntu2.5)
   strongswan-nm (5.6.2-1ubuntu2.4 => 5.6.2-1ubuntu2.5)
   strongswan-pki (5.6.2-1ubuntu2.4 => 5.6.2-1ubuntu2.5)
   strongswan-starter (5.6.2-1ubuntu2.4 => 5.6.2-1ubuntu2.5)

<info> [1576525739.9236] vpn-connection[0x55e5c1c6c410,eab8dcdd-e3a9-44b8-a3f0-fabe804d0d84,"lp1772705",0]: Data: Internal DNS: 144.190.1.100
<info> [1576525739.9236] vpn-connection[0x55e5c1c6c410,eab8dcdd-e3a9-44b8-a3f0-fabe804d0d84,"lp1772705",0]: Data: Internal DNS: 96.221.1.100
I made multiple attempts varying rightdns= to push 1.1.1.1 and/or 1.0.0.1, but they all failed:

$ journalctl -b0 -o cat | grep 'Internal DNS'
<info> [1576525492.6584] vpn-connection[0x55e5c1c6c810,eab8dcdd-e3a9-44b8-a3f0-fabe804d0d84,"lp1772705",0]: Data: Internal DNS: 128.157.0.100
<info> [1576525492.6584] vpn-connection[0x55e5c1c6c810,eab8dcdd-e3a9-44b8-a3f0-fabe804d0d84,"lp1772705",0]: Data: Internal DNS: 240.14.1.80
<info> [1576525720.6106] vpn-connection[0x55e5c1c6c610,eab8dcdd-e3a9-44b8-a3f0-fabe804d0d84,"lp1772705",0]: Data: Internal DNS: 0.48.1.100
<info> [1576525720.6106] vpn-connection[0x55e5c1c6c610,eab8dcdd-e3a9-44b8-a3f0-fabe804d0d84,"lp1772705",0]: Data: Internal DNS: 80.83.122.160
<info> [1576525739.9236] vpn-connection[0x55e5c1c6c410,eab8dcdd-e3a9-44b8-a3f0-fabe804d0d84,"lp1772705",0]: Data: Internal DNS: 144.190.1.100
<info> [1576525739.9236] vpn-connection[0x55e5c1c6c410,eab8dcdd-e3a9-44b8-a3f0-fabe804d0d84,"lp1772705",0]: Data: Internal DNS: 96.221.1.100
<info> [1576526033.7857] vpn-connection[0x56137b6c67f0,eab8dcdd-e3a9-44b8-a3f0-fabe804d0d84,"lp1772705",0]: Data: Internal DNS: 0.70.3.100
<info> [1576526726.4132] vpn-connection[0x56137b6c61f0,eab8dcdd-e3a9-44b8-a3f0-fabe804d0d84,"lp1772705",0]: Data: Internal DNS: 48.107.3.100
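A check for the symptom reported above, as an added example that is not part of the original comment and not strongSwan or NetworkManager code: it parses the NetworkManager "Internal DNS" journal lines, groups them per connection attempt, and flags attempts whose resolvers differ from the rightdns= values. The function names and the last two sample lines (a correct push) are constructed for illustration.

```python
import re

# Resolvers the gateway should push (rightdns= in the ipsec.conf above).
EXPECTED_DNS = {"1.1.1.1", "1.0.0.1"}

# NetworkManager journal line layout, as seen in the report's output.
LINE_RE = re.compile(
    r'\[(?P<ts>\d+\.\d+)\]\s+vpn-connection\[(?P<ptr>0x[0-9a-f]+),'
    r'[0-9a-f-]+,"(?P<name>[^"]+)",\d+\]:\s+Data: Internal DNS: (?P<dns>\S+)'
)

_FMT = ('<info> [{ts}] vpn-connection[{ptr},eab8dcdd-e3a9-44b8-a3f0-'
        'fabe804d0d84,"lp1772705",0]: Data: Internal DNS: {dns}')
# First four entries reproduce lines from the report; the last two are
# constructed to show what a correct push would look like.
SAMPLE = [
    _FMT.format(ts="1576525492.6584", ptr="0x55e5c1c6c810", dns="128.157.0.100"),
    _FMT.format(ts="1576525492.6584", ptr="0x55e5c1c6c810", dns="240.14.1.80"),
    _FMT.format(ts="1576525739.9236", ptr="0x55e5c1c6c410", dns="144.190.1.100"),
    _FMT.format(ts="1576525739.9236", ptr="0x55e5c1c6c410", dns="96.221.1.100"),
    _FMT.format(ts="1576527000.0000", ptr="0x55e5c1c6c210", dns="1.1.1.1"),
    _FMT.format(ts="1576527000.0000", ptr="0x55e5c1c6c210", dns="1.0.0.1"),
]

def pushed_dns_by_attempt(lines):
    """Group 'Internal DNS' values by attempt: (name, timestamp, object pointer)."""
    attempts = {}
    for line in lines:
        m = LINE_RE.search(line)
        if m:
            attempts.setdefault((m["name"], m["ts"], m["ptr"]), []).append(m["dns"])
    return attempts

def audit(lines, expected=EXPECTED_DNS):
    """Return (name, ts, unexpected, missing) for each attempt that deviates."""
    findings = []
    for (name, ts, _ptr), servers in pushed_dns_by_attempt(lines).items():
        unexpected = [s for s in servers if s not in expected]
        missing = sorted(set(expected) - set(servers))
        if unexpected or missing:
            findings.append((name, ts, unexpected, missing))
    return findings

if __name__ == "__main__":
    for name, ts, unexpected, missing in audit(SAMPLE):
        print(f"{name} @ {ts}: unexpected={unexpected} missing={missing}")
```

Pass a different `expected` set to `audit` when testing a single-resolver rightdns= value, and feed it the output of `journalctl -b0 -o cat` split into lines.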