[strongSwan] StrongSwan, PSK and Windows 7
Chris Arnold
carnold at electrichendrix.com
Thu May 24 17:05:46 CEST 2012
Can anyone help me get strongswan going with PSK? My config is below. I see on the router logs (strongswan behind it) that I am making it to the router and the router is passing the connection to the strongswan server but the VPN is not established. I feel like this is a strongswan config issue. Any help is appreciated.
Sent from my iPhone
On May 22, 2012, at 6:42 PM, Chris Arnold <carnold at electrichendrix.com> wrote:
> I have given up on ikev2 with certs and have turned my attention to psk. Here is the ipsec.conf file:
> config setup
> # plutodebug=all
> crlcheckinterval=600
> strictcrlpolicy=no
> # cachecrls=yes
> nat_traversal=yes
> # charonstart=no
> plutostart=no
>
> # Add connections here.
>
> conn %default
> ikelifetime=28800s
> keylife=20m
> rekeymargin=3m
> keyingtries=1
> authby=secret
> keyexchange=ikev2
> mobike=no
>
> conn rclients
> left=%defaultroute
> #leftcert=ChrisACert.pem
> #leftid=
> leftsubnet=192.168.1.0/24
> right=%any
> #rightsourceip=192.168.1.0/24
> auto=add
>
> conn teknerds
> left=%defaultroute
> leftcert=moonCert.pem
> leftsubnet=192.168.1.0/24
> #leftid="dn name"
> #leftfirewall=yes
> right=moon public ip
> rightsubnet=192.168.123.0/24
> rightcert=sunCert.pem
> rightid="ssssssssun dn"
> auto=add
>
> Is there a wiki for the strongswan config and windows 7 config? I get an error 789 on the windows side.
>
> Here is the ipsec.secrets file:
> #@192.168.123.1 @moon.com : PSK secret (not sure why this is here?)
> : RSA moonKey.pem
>
> 192.168.1.40 : PSK secret
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
More information about the Users
mailing list