[strongSwan] Please, help me with the configuration

Noel Kuntze noel.kuntze+strongswan-users-ml at thermi.consulting
Fri Sep 28 18:53:33 CEST 2018


Hello Loyc,

The critical information is missing and you do not provide any logs, so we can not help you.
Please follow the advice on the HelpRequests page of the wiki[1].

Kind regards

Noel

[1] https://wiki.strongswan.org/projects/strongswan/wiki/HelpRequests

Am 22.09.18 um 04:24 schrieb Loyc Cossou:
> Hi,
>
> i am new to strongswan but need you help, please.
> I have to etablish a VPN with a client having a Cisco ASA 5585x with HA.
>
> Bellow are the details.
>
> I have set u^the folowwing code but am unable to put the tunnel up. an you please ztell me how you would write the ipsec.conf? Here is mine:
>
> conn %default
>         ikelifetime=24h
>         keylife=8h
>         rekeymargin=3m
>         keyingtries=1
>         keyexchange=ikev2
>
> conn Infobip_vpnI
>         leftfirewall=yes
>         authby=secret
>         type=tunnel
>         left=HIDDEN
>         leftid = HIDDEN
>         leftsubnet=HIDDEN
>         leftauth=psk
>         right=HIDDEN
>         rightid=HIDDEN
>         rightsubnet=qi tunet
>         rightauth=psk
>         ikelifetime=24h
>         ike=aes256-sha1!
>         esp=aes256-sha1!
>         lifetime=8h
>
> Phase I (IKE Phase):https://mail.google.com/mail/u/0/#inbox?compose=D
>
> Encryption algorithm
>
> 	
>
> AES256
>
> Hash algorithm (Authentication)
>
> 	
>
> SHA-1
>
> Diffie-Hellman group
>
> 	
>
> Group 2 (1024 bits)
>
> Key lifetime in seconds
>
> 	
>
> 86400
>
> Key lifetime in bytes
>
> 	
>
> 0
>
>    
>
> Phase II (IPSEC Phase):
>
> Encryption algorithm
>
> 	
>
> AES256
>
> Authentication algorithm
>
> 	
>
> SHA-1
>
> Perfect Forward Secrecy (PFS)
>
> 	
>
> No
>
> SA duration in seconds (lifetime)
>
> 	
>
> 28800
>
> SA duration in KBytes
>
> 	
>
> 4608000
>
>
>
> Please correct me la bas.
>
> ------
> loyc Cossou
>
>
>
> Mailtrack <https://mailtrack.io?utm_source=gmail&utm_medium=signature&utm_campaign=signaturevirality6&> 	Sender notified by
> Mailtrack <https://mailtrack.io?utm_source=gmail&utm_medium=signature&utm_campaign=signaturevirality6&> 22/09/18 à 03:20:25 	
> /×/REMOVE <#>
>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20180928/4afc9f0c/attachment-0001.sig>


More information about the Users mailing list