Mobile IPSec - No internet (on Android)

[almador]

Hi All,

I'm ran into a problem where I can't find a solution to.

Overview net:
LAN: 10.10.10.0/23
WAN: static ip
IPSEC Mobile W LAN: 10.10.60.0/24

Setup mobile ipsec with the guide provided in the Wiki.
Connection works fine, I can ping from IPsec to LAN range and the other way around.

An iOS, I have working internet. So in other words only LAN traffic is sent over the tunnel.
On Android (9) I have working tunnel traffic but when trying to go outside the IPSEC/LAN range everything gets blocked.

After checking the NAT Outbound page, I saw that the IPSEC range was not there.
So I have created a new rule (changed to hybrid mode) and setup the following rule. Found the advise in another thread. But still no traffic

Link to image: http://prntscr.com/nbqlp8

The traffic test is done with ping to 1.1.1.1 and requesting http page

PS: 10.10.61.0/24 is used for OpenVPN, so no typo there

[rainerle]

Hi,

some questions here:
- What Android IPsec client are you using?
- Is your plan to use split tunneling or do you want to route all your traffic throught your firewall from the mobile clients?
- Do you plan on using DNS names for the devices in 10.10.10.0/23 ?

Best regards
rainerle