![]() UE to UE traffic when both UE are connected via the same ePDG couldn't send traffic to each other because of xfrm policies. The firewall on the ePDG was catching this traffic because it tried to shortcut without passing the P-GW. Use fwmark for both directions and mark them also strongswan which will configure it to the xfrm policies. Related: OS#6435 |
||
---|---|---|
group_vars | ||
roles | ||
vars | ||
LICENSE.md | ||
README.md | ||
epc.yml | ||
epdg.yml | ||
hosts | ||
ims.yml |
README.md
ansible-prototype
Deploy the osmo-epdg and epc (IMS is deployed but untested yet).
See https://osmocom.org/projects/osmo-epdg/wiki/Hosted_epdg_playground for further information on the setup.
To install
The setup expect to have a private network available with layer 2 connectivity between the 3 hosts. Additional you need to setup the strongswan and osmo-epdg as both only prepare, but not installed.
ansible-playbook -i hosts epdg.yml epc.yml ims.yml
cd /srv/strongswan
./autogen.sh
./configure \
--enable-eap-aka \
--enable-eap-aka-3gpp \
--enable-eap-aka-3gpp2 \
--enable-eap-simaka-reauth \
--enable-systemd \
--enable-save-keys \
--enable-p-cscf \
--enable-osmo-epdg
make && make install
systemctl daemon-reload
systemctl restart strongswan
cd /srv/osmo-edpg
rebar3 shell --config ./config/local.config