BSD Router Project

User Tools

Site Tools

Trace:
documentation:examples:gre_ipsec_and_openvpn

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
documentation:examples:gre_ipsec_and_openvpn [2022/07/08 12:40] – [Tunnel with IKEv2 (strongswan)] olivierdocumentation:examples:gre_ipsec_and_openvpn [2022/07/08 12:48] – [Tunnel with IKEv2 (strongswan)] olivier
Line 688: Line 688:
  
 Configure strongswan on VM2 with: Configure strongswan on VM2 with:
-  * IKEv2 +  * IKEv2 (version = 2) 
-  * Preshared-key +  * Preshared-key (psk) 
-  * Disabling Mobile IP +  * Disabling Mobile IP (mobike = no) 
-  * forcing the tunnel going UP (auto=start)+  * forcing the tunnel going UP (start_action trap)
   * configuring Dead-Peer-Detection at 5 seconds   * configuring Dead-Peer-Detection at 5 seconds
  
Line 717: Line 717:
     version = 2     version = 2
     mobike = no     mobike = no
 +    dpd_delay = 5s
   }   }
 } }
Line 757: Line 758:
   * Preshared-key   * Preshared-key
   * Disabling Mobile IP   * Disabling Mobile IP
-  * automatic traffic detection (auto=route)+  * automatic traffic detection
   * configuring Dead-Peer-Detection at 5 seconds   * configuring Dead-Peer-Detection at 5 seconds
  
Line 783: Line 784:
     version = 2     version = 2
     mobike = no     mobike = no
 +    dpd_delay = 5s
   }   }
 } }
Line 864: Line 866:
 00:46:56.918092 IP 10.0.23.2.500 > 10.0.34.4.500: isakmp: child_sa  inf2[I] 00:46:56.918092 IP 10.0.23.2.500 > 10.0.34.4.500: isakmp: child_sa  inf2[I]
 00:46:56.919263 IP 10.0.34.4.500 > 10.0.23.2.500: isakmp: child_sa  inf2[R] 00:46:56.919263 IP 10.0.34.4.500 > 10.0.23.2.500: isakmp: child_sa  inf2[R]
-</code> 
- 
-Log file on VM2: 
-<code> 
-[root@VM2]~# tail -f /var/log/auth.log 
-Jun  8 00:24:28 VM2 ipsec_starter[981]: no netkey IPsec stack detected 
-Jun  8 00:24:28 VM2 ipsec_starter[981]: no KLIPS IPsec stack detected 
-Jun  8 00:24:28 VM2 ipsec_starter[981]: no known IPsec stack detected, ignoring! 
-Jun  8 00:24:28 VM2 ipsec_starter[984]: charon (986) started after 20 ms 
-Jun  8 00:25:26 VM2 login: login on ttyu0 as root 
-Jun  8 00:25:26 VM2 login: ROOT LOGIN (root) ON ttyu0 
-Jun  8 00:34:53 VM2 charon: 12[IKE] initiating IKE_SA VM4[1] to 10.0.34.4 
-Jun  8 00:34:53 VM2 charon: 12[IKE] establishing CHILD_SA VM4 
-Jun  8 00:34:53 VM2 charon: 12[IKE] IKE_SA VM4[1] established between 10.0.23.2[VM2]...10.0.34.4[VM4] 
-Jun  8 00:34:53 VM2 charon: 12[IKE] CHILD_SA VM4{1} established with SPIs c6d01ce8_i c2357cdd_o and TS 10.0.12.0/24 === 10.0.45.0/24 
 </code> </code>
  
documentation/examples/gre_ipsec_and_openvpn.txt · Last modified: 2023/07/10 12:40 by olivier
Except where otherwise noted, content on this wiki is licensed under the following license: BSD 2-Clause
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki