[strongSwan] Strongswan 4.5 / 5.1 <-> Fritzbox -- configuration examples?
a_kemper at gmx.de
Tue Feb 25 17:25:24 CET 2014
I'd like to configure Strongswan on my Ubuntu server to become a client
to the local network of my Fritzbox router at home. At first I created a
modified roadwarrior configuration file for the router to disable IKEv1
aggressive mode ("mode = phase1_mode_idp"). Hence it should be
compatible with the Strongswan 4.5 release in my current Ubuntu LTS version.
Following I picked the test scenario
which to my understanding contains all relevant client configuration. In
ipsec.conf I've mainly changed these entries as following:
left = <server_local_IP>
leftid = <fritzbox_connection_name>
right = <fritzbox_dyndns_name>
rightid = <@fritzbox_dyndns_name>
For now during startup everything seems to be fine, but connection
set-up get's stuck with these messages:
pluto: "FB-ipsec-vserver" #1: initiating Main Mode
pluto: "FB-ipsec-vserver" #1: max number of retransmissions (2)
reached STATE_MAIN_I1. No response (or no acceptable response) to our
first IKE message
Firewall on server is temporarily disabled and I don't see any other
obvious problem for the moment. Thus can someone please give me some
hints, configuration samples or even better a kind of documentation
containing possible configuration options for Strongswan with Fritzbox?
Preferably I'd like to get a broader/complete overview which
configuration options like mode-config, xauth, aggressive mode are
supported by both Strongswan versions 4.5 or soon 5.1 together with
Fritzbox for different connection scenarios?
Thanks a lot,
More information about the Users