[strongSwan] Strongswan to Cisco router configuration help
Brian secmang
secmang at hotmail.com
Tue Apr 16 22:50:15 CEST 2013
Hello,
We've been struggling with getting a working vpn tunnel up between a Strongswan Linux host and a Cisco ISR router (1941). We're trying to setup a subnet-subnet VPN.
Does anyone have a working configuration of a working setup between any Cisco router (non-ASA,non-PIX), and a Strongswan server?
Details:
Strongswan vU4.4.1 with kernel 2.6.32-5-amd64
ipsec.conf:
config setup
plutodebug=control
crlcheckinterval=180
strictcrlpolicy=no
nat_traversal=yes
charonstart=no
conn %default
ikelifetime=3600s
keylife=20m
rekeymargin=3m
keyingtries=1
keyexchange=ikev1
conn vpn1
left=192.168.0.2 # Cisco ISR
leftsubnet=10.2.3.96/28 # User subnet (peer1)
right=172.16.0.1 # StrongSwan Linux (peer2)
rightsubnet=10.1.1.0/16 # Network users will access
auto=start
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20130416/35cfe3c8/attachment.html>
More information about the Users
mailing list