docker-ikev2-vpn-server
docker-ikev2-vpn-server copied to clipboard
Published
20 hours ago •
gaomd
gaomd
Linux Client Configuration
What would be the equivalent ipsec.conf, strongswan.conf, etc... so that a linux machine can connect as a client to this VPN? I'm testing in Ubuntu 16 LTS but looks like the following conf does not fully apply
Client conf:
root@gce-1:/etc# cat ipsec.conf
config setup
charondebug="all"
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
keyexchange=ikev2
authby=secret
conn home
left=10.138.0.2 # The eht0 network interface IP address
leftfirewall=yes
right=x.x.231.228 # The VPN server
rightsubnet=10.8.0.0/16
auto=add
Client status after ipsec restart
root@gce-1:/etc# ipsec statusall
Status of IKE charon daemon (strongSwan 5.3.5, Linux 4.4.0-66-generic, x86_64):
uptime: 5 seconds, since Aug 25 02:59:20 2017
malloc: sbrk 1216512, mmap 0, used 318656, free 897856
worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 0
loaded plugins: charon test-vectors aes rc2 sha1 sha2 md4 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp agent xcbc hmac gcm attr kernel-netlink resolve socket-default connmark stroke updown
Listening IP addresses:
10.138.0.2
Connections:
home: 10.138.0.2...x.x.231.228 IKEv2
home: local: [10.138.0.2] uses pre-shared key authentication
home: remote: [x.x.231.228] uses pre-shared key authentication
home: child: dynamic === 10.8.0.0/16 TUNNEL
Security Associations (0 up, 0 connecting):
none
