[strongSwan] Setup client using main mode/draft-ietf-ipsec-nat-t-ike-02
dams.benoist at gmail.com
Mon Jun 17 11:22:03 CEST 2013
Thanks for your answer.
There's an ip/port i can connect to from windows with cisco vpnclient.
>From Linux with strongswan, I get a connection timed out.
telnet x.x.x.x p
telnet: Unable to connect to remote host: Connection timed out
2013/6/17 Andreas Steffen <andreas.steffen at strongswan.org>:
> Hi Damien,
> no special ipsec interface is created. Linux automatically
> routes traffic to an from the IPsec tunnel installed in
> the kernel. This means that you don't need to do any
> special configuration.
> On 17.06.2013 09:08, Damien Benoist wrote:
>> I did the changes you suggested.
>> I now get a "connection 'cnx' established successfully.
>> So it seems that the client and server now understand eachother.
>> I expected to have a new network interface.
>> Some threads are talking of an "ipsec" interface
>> but I have none.
>> So I just don't know how to use the connection.
>> Can you tell me what I have to do now
>> or point me to the right doc?
>> Thanks again!
>> 2013/6/11 Martin Willi <martin at strongswan.org>:
>>>> Encryption-Algorithm : 3DES-CBC
>>>> Hash-Algorithm : SHA
>>>> Alternate 1024-bit MODP group
>>> The IKE proposal uses 3des-sha1, the responder might not like our
>>> default set (aes128-sha1 or 3des-md5). You might try it with:
>>> But the default might work as well, depends on the responder what it
>>>> Authentication-Method : XAUTHInitRSA
>>> Looks like the responder expects RSA client authentication followed by
>>> an XAuth exchange. You can configure this using:
>>> Have a look at  for a complete example. Beside the
>>> certificate/private key from the PKCS#12 container, you'll need a
>>> password in ipsec.secrets.
> Andreas Steffen andreas.steffen at strongswan.org
> strongSwan - the Linux VPN Solution! www.strongswan.org
> Institute for Internet Technologies and Applications
> University of Applied Sciences Rapperswil
> CH-8640 Rapperswil (Switzerland)
More information about the Users