I am facing an issue with strongSwan on Android (version 8/10).
My custom VPN is able to connect successfully to the server and establishes the tunnel.
Routes corresponding to this tunnel:
ip route show table 0
22.214.171.124 dev tun1 table 1181 proto static scope link
192.168.120.0/24 dev tun1 table 1181 proto static scope link
default via 10.118.198.1 dev rmnet0 table 1003 proto static
tun1 Link encap:UNSPEC
inet addr:126.96.36.199 P-t-P:188.8.131.52 Mask:255.255.255.255
UP POINTOPOINT RUNNING MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
RX bytes:0 TX bytes:0
If I ping 192.168.120.100, it works well. The Wireshark capture shows ESP request/response packets.
However, if I open a TCP connection to remote address 192.168.120.100 port 6000, the TCP packets do not go over the tunnel interface; instead they go over the wifi interface, and I can see the destination of the SYN packet as 192.168.120.100 and the source as the wifi interface address.
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program Name
tcp 0 0 0.0.0.0:1467 0.0.0.0:* LISTEN –
tcp 0 0 100.83.59.59:40979 184.108.40.206:443 ESTABLISHED –
tcp 0 1 100.83.59.59:40642 192.168.120.100:6000 SYN_SENT –
No SYN-ACK, since the packets are going out directly on the wifi interface.
I also tried to bind the TCP socket to my TUN interface IP, but still the same issue: the SYN packet goes directly out on the wifi interface.
tcp6 0 1 ::ffff:220.127.116.11:6002 ::ffff:192.168.120:6000 SYN_SENT –
Android version 10, and also tried on 8. Tried with the emulator and a Samsung Galaxy 10.
I am not using root mode.
Please let me know what could be the possible issue.