[strongSwan] StrongSwan, PSK and Windows 7
Chris Arnold
carnold at electrichendrix.com
Wed May 23 00:42:21 CEST 2012
I have given up on ikev2 with certs and have turned my attention to psk. Here is the ipsec.conf file:
config setup
# plutodebug=all
crlcheckinterval=600
strictcrlpolicy=no
# cachecrls=yes
nat_traversal=yes
# charonstart=no
plutostart=no
# Add connections here.
conn %default
ikelifetime=28800s
keylife=20m
rekeymargin=3m
keyingtries=1
authby=secret
keyexchange=ikev2
mobike=no
conn rclients
left=%defaultroute
#leftcert=ChrisACert.pem
#leftid=
leftsubnet=192.168.1.0/24
right=%any
#rightsourceip=192.168.1.0/24
auto=add
conn teknerds
left=%defaultroute
leftcert=moonCert.pem
leftsubnet=192.168.1.0/24
#leftid="dn name"
#leftfirewall=yes
right=moon public ip
rightsubnet=192.168.123.0/24
rightcert=sunCert.pem
rightid="ssssssssun dn"
auto=add
Is there a wiki for the strongswan config and windows 7 config? I get an error 789 on the windows side.
Here is the ipsec.secrets file:
#@192.168.123.1 @moon.com : PSK secret (not sure why this is here?)
: RSA moonKey.pem
192.168.1.40 : PSK secret
More information about the Users
mailing list