[root@Overdrive strongswan]# pwd /etc/strongswan [root@Overdrive strongswan]# ll ipsec.* -rw-r--r-- 1 root root 622 Sep 2 21:20 ipsec.conf -rw------- 1 root root 435 Sep 2 21:56 ipsec.secrets # strongswan statusall Status of IKE charon daemon (strongSwan 5.3.2, Linux 4.1.0-hf-kvm-sriov-ipsec-64k.fc22.aarch64+, aarch64): uptime: 9 minutes, since Sep 04 16:22:58 2015 malloc: sbrk 3604480, mmap 0, used 1633856, free 1970624 worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 200 loaded plugins: charon aes des rc2 sha1 sha2 md4 md5 random nonce x509 revocation constraints acert pubkey pkcs1 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp xcbc cmac hmac ctr ccm curl attr kernel-netlink resolve socket-default farp stroke vici updown eap-identity eap-md5 eap-gtc eap-mschapv2 eap-tls eap-ttls eap-peap xauth-generic xauth-eap xauth-pam xauth-noauth dhcp Listening IP addresses: Connections: tun1_0_0: %any...%any IKEv2 tun1_0_0: local: uses pre-shared key authentication tun1_0_0: remote: uses pre-shared key authentication tun1_0_0: child: 140.0.0.0/8 === 50.0.0.0/8 TUNNEL ------------------------------------------------------------- [root@Overdrive strongswan]# ifconfig enp1s0f0: flags=4163 mtu 1500 inet 22.20.0.1 netmask 255.255.255.0 broadcast 22.20.0.255 inet6 fe80::92e2:baff:fe75:6a28 prefixlen 64 scopeid 0x20 ether 90:e2:ba:75:6a:28 txqueuelen 1000 (Ethernet) RX packets 202 bytes 52120 (50.8 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 230 bytes 48540 (47.4 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 enp1s0f1: flags=4163 mtu 1500 inet 111.222.0.1 netmask 255.255.255.0 broadcast 111.222.0.255 inet6 fe80::92e2:baff:fe75:6a29 prefixlen 64 scopeid 0x20 ether 90:e2:ba:75:6a:29 txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 17 bytes 1282 (1.2 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 --------------------------------------------------------------- #ipforward echo 1 > /proc/sys/net/ipv4/ip_forward echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects #route route add -net 30.0.0.0 netmask 255.0.0.0 gw 22.20.0.2 enp1s0f0 route add -net 140.0.0.0 netmask 255.0.0.0 gw 111.222.0.2 enp1s0f1 #start StrongSwan strongswan restart