Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

FireBrick to Openswan Strongswan IPsec (Howto): Difference between revisions

clean up
mNo edit summary
(clean up)
(11 intermediate revisions by 2 users not shown)
<indicator name="FireBrick Tunnels">[[File:FBimgtunnelMenu-IPsec.svg|link=:Category:FireBrick_TunnelsFireBrick IPsec|30px|Back up to the FireBrick IPsec Tunnels Category Page]]</indicator>
*Also see: [[FireBrick Road Warrior strongSwan]]
 
=Linux (CentOS Openswan) Example Using IKE2 and Preshared keys=
 
Put following two files in /etc/ipsec.d/ :
 
file: myFireBrick.conf:
 
<syntaxhighlight>
<syntaxhighlight languagelang="xmlbash">
conn myFireBrick
authby=secret
</syntaxhighlight>
 
infile: myFireBrick.secrets:
CentOS.IP.Address FireBrick.IP.Address : PSK "YourSecretHere"
 
 
Put the following in the FB at the other end:
<syntaxhighlight languagelang="xml">
<connection name="IPSec" peer-ips="CentOS.IP.Address" auth-method="Secret" secret="YourSecretHere" internal-ipv4="FireBrick.LAN.IP.Address/24" routes="CentOS.IP.Address" log="default"/>
</syntaxhighlight>
 
 
file: /etc/ipsec.conf
<syntaxhighlight lang="bash">
 
conn myFireBrick
authby=secret
rightsubnet=FireBrick.LAN.IP.Address/24
lifetime=2m
</syntaxhighlight>
 
file: /etc/ipsec.secrets
 
<syntaxhighlight lang="bash">
strongSwan.IP FireBrick.IP : PSK "YourSecretHere"
</syntaxhighlight>
 
<syntaxhighlight lang="xml">
 
<connection name="IPSecTostrongSwan" peer-ips="strongSwan.IP" auth-method="Secret" secret="YourSecretHere" internal-ipv4="FireBrick.LAN.IP.Address/24" routes="strongSwan.IP" log="default"/>
<syntaxhighlight language="xml">
<connection name="IPSecTostrongSwan" peer-ips=strongSwan.IP" auth-method="Secret" secret="YourSecretHere" internal-ipv4="FireBrick.LAN.IP.Address/24" routes="strongSwan.IP" log="default"/>
</syntaxhighlight>
[[Category:FireBrick_Tunnels|IPv6FireBrick TunnelsIPsec|Strongswan]]
editor
698

edits