<div dir="ltr"><img width="0" height="0" class="mailtrack-img" alt="" style="display:flex" src="https://mailtrack.io/trace/mail/9732a0c9cd039cdc9c76363f08235ed80aa159cb.png?u=94874"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;font-size:small">Hi,</div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;font-size:small"><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;font-size:small">i am new to strongswan but need you help, please.</div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;font-size:small">I have to etablish a VPN with a client having a Cisco ASA 5585x with HA.</div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;font-size:small"><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;font-size:small">Bellow are the details.</div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;font-size:small"><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;font-size:small">I have set u^the folowwing code but am unable to put the tunnel up. an you please ztell me how you would write the ipsec.conf? Here is mine:</div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;font-size:small"><br></div><div class="gmail_default"><div class="gmail_default"><font face="arial, helvetica, sans-serif">conn %default</font></div><div class="gmail_default"><font face="arial, helvetica, sans-serif"> ikelifetime=24h</font></div><div class="gmail_default"><font face="arial, helvetica, sans-serif"> keylife=8h</font></div><div class="gmail_default"><font face="arial, helvetica, sans-serif"> rekeymargin=3m</font></div><div class="gmail_default"><font face="arial, helvetica, sans-serif"> keyingtries=1</font></div><div class="gmail_default"><font face="arial, helvetica, sans-serif"> keyexchange=ikev2</font></div><div class="gmail_default"><font face="arial, helvetica, sans-serif"><br></font></div><div class="gmail_default"><font face="arial, helvetica, sans-serif">conn Infobip_vpnI</font></div><div class="gmail_default"><font face="arial, helvetica, sans-serif"> leftfirewall=yes</font></div><div class="gmail_default"><font face="arial, helvetica, sans-serif"> authby=secret</font></div><div class="gmail_default"><font face="arial, helvetica, sans-serif"> type=tunnel</font></div><div class="gmail_default"><font face="arial, helvetica, sans-serif"> left=HIDDEN</font></div><div class="gmail_default"><font face="arial, helvetica, sans-serif"> leftid = HIDDEN</font></div><div class="gmail_default"><font face="arial, helvetica, sans-serif"> leftsubnet=HIDDEN</font></div><div class="gmail_default"><font face="arial, helvetica, sans-serif"> leftauth=psk</font></div><div class="gmail_default"><font face="arial, helvetica, sans-serif"> right=HIDDEN</font></div><div class="gmail_default"><font face="arial, helvetica, sans-serif"> rightid=HIDDEN</font></div><div class="gmail_default"><font face="arial, helvetica, sans-serif"> rightsubnet=qi tunet</font></div><div class="gmail_default"><font face="arial, helvetica, sans-serif"> rightauth=psk</font></div><div class="gmail_default"><font face="arial, helvetica, sans-serif"> ikelifetime=24h</font></div><div class="gmail_default"><font face="arial, helvetica, sans-serif"> ike=aes256-sha1!</font></div><div class="gmail_default"><font face="arial, helvetica, sans-serif"> esp=aes256-sha1!</font></div><div class="gmail_default"><font face="arial, helvetica, sans-serif"> lifetime=8h</font></div></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;font-size:small"><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;font-size:small"><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:"DIN Next LT Pro",sans-serif;color:rgb(54,71,78)"><span lang="EN-US" style="font-size:11pt">Phase I </span><span lang="EN-US" style="font-size:11pt">(IKE Phase):<a href="https://mail.google.com/mail/u/0/#inbox?compose=D">https://mail.google.com/mail/u/0/#inbox?compose=D</a></span></p><table class="gmail-MsoNormalTable" border="1" cellspacing="0" cellpadding="0" style="margin-left:5.4pt;border-collapse:collapse;border:none">
<tbody><tr style="height:19.85pt">
<td width="217" style="width:162.55pt;border-width:1pt;border-style:solid;border-color:black black black windowtext;padding:0cm 5.4pt;height:19.85pt">
<p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:"DIN Next LT Pro",sans-serif;color:rgb(54,71,78)"><span lang="EN-US" style="font-size:11pt">Encryption
algorithm</span></p>
</td>
<td width="300" style="width:225.1pt;border-top:1pt solid black;border-right:1pt solid black;border-bottom:1pt solid black;border-left:none;padding:0cm 5.4pt;height:19.85pt">
<p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:"DIN Next LT Pro",sans-serif;color:rgb(54,71,78)"><span lang="EN-US" style="font-size:11pt">AES256</span></p>
</td>
</tr>
<tr style="height:19.85pt">
<td width="217" style="width:162.55pt;border-top:none;border-left:1pt solid windowtext;border-bottom:1pt solid black;border-right:1pt solid black;padding:0cm 5.4pt;height:19.85pt">
<p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:"DIN Next LT Pro",sans-serif;color:rgb(54,71,78)"><span lang="EN-US" style="font-size:11pt">Hash
algorithm (Authentication)</span></p>
</td>
<td width="300" style="width:225.1pt;border-top:none;border-left:none;border-bottom:1pt solid black;border-right:1pt solid black;padding:0cm 5.4pt;height:19.85pt">
<p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:"DIN Next LT Pro",sans-serif;color:rgb(54,71,78)"><span lang="EN-US" style="font-size:11pt">SHA-1</span><span lang="EN-US" style="font-size:11pt;color:black"></span></p>
</td>
</tr>
<tr style="height:19.85pt">
<td width="217" style="width:162.55pt;border-top:none;border-left:1pt solid windowtext;border-bottom:1pt solid black;border-right:1pt solid black;padding:0cm 5.4pt;height:19.85pt">
<p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:"DIN Next LT Pro",sans-serif;color:rgb(54,71,78)"><span lang="EN-US" style="font-size:11pt">Diffie-Hellman
group</span></p>
</td>
<td width="300" style="width:225.1pt;border-top:none;border-left:none;border-bottom:1pt solid black;border-right:1pt solid black;padding:0cm 5.4pt;height:19.85pt">
<p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:"DIN Next LT Pro",sans-serif;color:rgb(54,71,78)"><span lang="EN-US" style="font-size:11pt">Group 2
(1024 bits)</span></p>
</td>
</tr>
<tr style="height:19.85pt">
<td width="217" style="width:162.55pt;border-top:none;border-left:1pt solid windowtext;border-bottom:1pt solid black;border-right:1pt solid black;padding:0cm 5.4pt;height:19.85pt">
<p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:"DIN Next LT Pro",sans-serif;color:rgb(54,71,78)"><span lang="EN-US" style="font-size:11pt">Key
lifetime in seconds</span></p>
</td>
<td width="300" style="width:225.1pt;border-top:none;border-left:none;border-bottom:1pt solid black;border-right:1pt solid black;padding:0cm 5.4pt;height:19.85pt">
<p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:"DIN Next LT Pro",sans-serif;color:rgb(54,71,78)"><span lang="EN-US" style="font-size:11pt">86400</span></p>
</td>
</tr>
<tr style="height:19.85pt">
<td width="217" style="width:162.55pt;border-top:none;border-left:1pt solid windowtext;border-bottom:1pt solid black;border-right:1pt solid black;padding:0cm 5.4pt;height:19.85pt">
<p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:"DIN Next LT Pro",sans-serif;color:rgb(54,71,78)"><span lang="EN-US" style="font-size:11pt">Key
lifetime in bytes</span></p>
</td>
<td width="300" style="width:225.1pt;border-top:none;border-left:none;border-bottom:1pt solid black;border-right:1pt solid black;padding:0cm 5.4pt;height:19.85pt">
<p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:"DIN Next LT Pro",sans-serif;color:rgb(54,71,78)"><span lang="EN-US" style="font-size:11pt">0</span></p>
</td>
</tr>
</tbody></table><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:"DIN Next LT Pro",sans-serif;color:rgb(54,71,78)"><span style="font-family:arial,helvetica,sans-serif;font-size:small;color:rgb(34,34,34)"> </span></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:"DIN Next LT Pro",sans-serif;color:rgb(54,71,78)"><span lang="EN-US" style="font-size:11pt">Phase II </span><span lang="EN-US" style="font-size:11pt">(IPSEC Phase):</span></p><p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:"DIN Next LT Pro",sans-serif;color:rgb(54,71,78)"><span lang="EN-US" style="font-size:11pt"></span></p><table class="gmail-MsoNormalTable" border="1" cellspacing="0" cellpadding="0" style="margin-left:5.4pt;border-collapse:collapse;border:none">
<tbody><tr style="height:19.85pt">
<td width="217" style="width:162.55pt;border-width:1pt;border-style:solid;border-color:black black black windowtext;padding:0cm 5.4pt;height:19.85pt">
<p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:"DIN Next LT Pro",sans-serif;color:rgb(54,71,78)"><span lang="EN-US" style="font-size:11pt">Encryption
algorithm</span></p>
</td>
<td width="300" style="width:225.1pt;border-top:1pt solid black;border-right:1pt solid black;border-bottom:1pt solid black;border-left:none;padding:0cm 5.4pt;height:19.85pt">
<p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:"DIN Next LT Pro",sans-serif;color:rgb(54,71,78)"><span lang="EN-US" style="font-size:11pt">AES256</span></p>
</td>
</tr>
<tr style="height:19.85pt">
<td width="217" style="width:162.55pt;border-top:none;border-left:1pt solid windowtext;border-bottom:1pt solid black;border-right:1pt solid black;padding:0cm 5.4pt;height:19.85pt">
<p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:"DIN Next LT Pro",sans-serif;color:rgb(54,71,78)"><span lang="EN-US" style="font-size:11pt">Authentication
algorithm</span></p>
</td>
<td width="300" style="width:225.1pt;border-top:none;border-left:none;border-bottom:1pt solid black;border-right:1pt solid black;padding:0cm 5.4pt;height:19.85pt">
<p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:"DIN Next LT Pro",sans-serif;color:rgb(54,71,78)"><span lang="EN-US" style="font-size:11pt">SHA-1</span></p>
</td>
</tr>
<tr style="height:19.85pt">
<td width="217" style="width:162.55pt;border-top:none;border-left:1pt solid windowtext;border-bottom:1pt solid black;border-right:1pt solid black;padding:0cm 5.4pt;height:19.85pt">
<p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:"DIN Next LT Pro",sans-serif;color:rgb(54,71,78)"><span lang="EN-US" style="font-size:11pt">Perfect
Forward Secrecy (PFS)</span></p>
</td>
<td width="300" style="width:225.1pt;border-top:none;border-left:none;border-bottom:1pt solid black;border-right:1pt solid black;padding:0cm 5.4pt;height:19.85pt">
<p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:"DIN Next LT Pro",sans-serif;color:rgb(54,71,78)"><span lang="EN-US" style="font-size:11pt">No</span></p>
</td>
</tr>
<tr style="height:19.85pt">
<td width="217" style="width:162.55pt;border-top:none;border-left:1pt solid windowtext;border-bottom:1pt solid black;border-right:1pt solid black;padding:0cm 5.4pt;height:19.85pt">
<p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:"DIN Next LT Pro",sans-serif;color:rgb(54,71,78)"><span lang="EN-US" style="font-size:11pt">SA duration
in seconds (lifetime)</span></p>
</td>
<td width="300" style="width:225.1pt;border-top:none;border-left:none;border-bottom:1pt solid black;border-right:1pt solid black;padding:0cm 5.4pt;height:19.85pt">
<p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:"DIN Next LT Pro",sans-serif;color:rgb(54,71,78)"><span lang="EN-US" style="font-size:11pt">28800</span></p>
</td>
</tr>
<tr style="height:19.85pt">
<td width="217" style="width:162.55pt;border-top:none;border-left:1pt solid windowtext;border-bottom:1pt solid black;border-right:1pt solid black;padding:0cm 5.4pt;height:19.85pt">
<p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:"DIN Next LT Pro",sans-serif;color:rgb(54,71,78)"><span lang="EN-US" style="font-size:11pt">SA
duration in KBytes</span></p>
</td>
<td width="300" style="width:225.1pt;border-top:none;border-left:none;border-bottom:1pt solid black;border-right:1pt solid black;padding:0cm 5.4pt;height:19.85pt">
<p class="MsoNormal" style="margin:0cm 0cm 0.0001pt;font-size:12pt;font-family:"DIN Next LT Pro",sans-serif;color:rgb(54,71,78)"><span lang="EN-US" style="font-size:11pt">4608000</span></p>
</td>
</tr>
</tbody></table></div><div><div dir="ltr" class="gmail_signature"><br></div><div dir="ltr" class="gmail_signature"><br></div><div dir="ltr" class="gmail_signature"><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;font-size:small">Please correct me la bas.</div><br>------<br><font color="#666666">loyc Cossou</font></div></div><div dir="ltr" class="gmail_signature"><font color="#666666"><br></font></div></div></div><br></div><br><div class="gmail-mt-signature">
<table border="0" cellpadding="8" cellspacing="0" style="user-select: none;">
<tbody><tr>
<td>
<a href="https://mailtrack.io?utm_source=gmail&utm_medium=signature&utm_campaign=signaturevirality6&" class="gmail-mt-no-pointer-events" style="text-decoration:none">
<img src="https://s3.amazonaws.com/mailtrack-signature/sender_notified.gif" alt="Mailtrack" class="gmail-mt-no-pointer-events" width="32" height="32">
</a>
</td>
<td>
<span style="color:rgb(119,119,119)">Sender notified by</span> <br>
<a href="https://mailtrack.io?utm_source=gmail&utm_medium=signature&utm_campaign=signaturevirality6&" class="gmail-mt-install gmail-mt-no-pointer-events" style="color:rgb(67,116,247)">Mailtrack</a>
<span style="color:transparent;font-size:0px">22/09/18 à 03:20:25</span>
</td>
<td>
<div class="gmail-mt-remove-signature-button">
<a href="#" style="text-decoration:none" class="gmail-mt-remove"><em>×</em><span>REMOVE</span></a>
</div>
</td>
</tr>
</tbody></table>
</div></div></div>