[strongSwan] Instructions on getting 2 virtual boxes connected with strongswan
brianwatson999999 at gmail.com
Thu May 1 20:56:06 CEST 2014
So is this the information that I should follow from the wiki:
Is it best to use the NetworkManager plugin?
The configuration files used by strongSwan are as follows:
provides the configuration of IPsec connections
lists the secrets (pre-shared keys, private keys)
stores certificates and private keys
allows one to configure global settings
Other Configuration Sources
The configuration may also be loaded from an SQL
provided by custom plugins like the one used with
Invocation and Maintenance
strongSwan is usually controlled with the ipsec
ipsec start will start the starter
starts and configures the keying daemon
Connections defined as conn sections in
be started on three different occasions:
- *On startup*: Connections configured with *auto=start* will
automatically be established when the daemon is started.
- *On traffic*: If *auto=route* is used, IPsec policies for the
configured traffic (*left|rightsubnet*) will be installed and traffic
matching these policies will trigger events that cause the daemon to
establish the connection.
- *Manually*: A connection that uses *auto=add* has to be established
manually with ipsec up <name>. It is also
possible to use ipsec route <name> to install policies manually for such
After an SA has been established ipsec down may be used to tear down the
IKE_SA or individual CHILD_SAs.
Whenever the ipsec.conf<http://wiki.strongswan.org/projects/strongswan/wiki/Ipsecconf>file
is changed it may be reloaded with ipsec
update or ipsec reload. Already established
connections are not affected by these commands, if that is required ipsec
restart must be used.
the files in
been changed the ipsec
may be used to reload these files.
End-entity certificates placed in
not reloaded automatically, instead they are loaded whenever
with *left|rightcert* in a conn
Using the ipsec
may be required in order for the new files to be used.
Using the ipsec
will provide information about loaded or cached certificates,
supported algorithms and
On Thu, May 1, 2014 at 11:34 AM, Brian Watson
<brianwatson999999 at gmail.com>wrote:
> I'm new to StrongSwan and am looking for some good instructions on
> setting up a VPN between 2 virtual machines running on the same laptop. The
> wiki pages seem to lay out a lot of different scenarios, but nothing to
> walk you through the steps necessary to start from scratch. I've downloaded
> the sw into my Ubuntu machine, but can't find the instructions as to what
> app to start and what to do next.
> Any ideas?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users