Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

FireBrick Road Warrior strongSwan: Difference between revisions

FireBrick Road Warrior strongSwan (view source)

Revision as of 20:46, 22 November 2018

195 bytes added ,  22 November 2018
m
→‎Certificate
libcharon-extra-plugins is needed for the eap-identity plugin which is required to connect to the FireBrick. The plugin is loaded automatically, so you don't need to change any config files (normally you'd have to change the "load =" statement in strongswan.conf).
 
==CA Certificate==
 
Download your CA certificate from the FireBrick, and copy to /etc/ipsec.d/cacerts/ on your client box. Strongswan shouldn't mind if PEM or DER.
 
If you're using a Let's Encrypt cert on the FireBrick (which is easy) - you'll need to symlink the system CA:
ln -s /etc/ssl/certs/DST_Root_CA_X3.pem /etc/ipsec.d/cacerts/DST_Root_CA_X3.pem
 
==strongSwan Config==
AA-Andrew
autoreview, Bureaucrats, editor, Interface administrators, reviewer, Administrators
12,270

edits

Retrieved from ‘http://support.aa.net.uk/Special:MobileDiff/13721