Comments
-
Correct
-
You might have overlooked what PeterUK wrote: "If the certificate says a IP then the fw needs to have that IP and be WAN" So since the router has the external IP, your ATP claims to have an internal IP which in turn will not match the one set in the certificate.
-
Its a Samsung limitaton on hashing algorithms as I recall. Anyway Strongswan seamlessly integrates into Android.
-
I am also using it like that on a USGFLEX100
-
Well client VPN needs a fw exposed to a public IP. Hidden behind a NAT will obviously not work. The only exception is when this FW will act as a client to another one that has public IP, then they can build a tunnel between themselves.
-
Is that same ip included in the certificate too?
-
Hi James, I got it going, thanks!