[strongSwan] Simple IPsec host-host test

H Yavari hyavari at rocketmail.com
Fri May 28 16:57:55 CEST 2021


 Hi Noel,
Thanks for the reply.I resolved the issue with running the swanctl -c and swanctl -q then swanctl -i --child host-host
it is the correct way?
Regards,Hoss

    On Friday, May 28, 2021, 07:48:13 AM PDT, Noel Kuntze <noel.kuntze+strongswan-users-ml at thermi.consulting> wrote:  
 
 Hello Hoss,

What do you expect to happen?
What exactly did you do up to this point?

Kind regards
Noel

Am 27.05.21 um 19:20 schrieb H Yavari:
> Hi to all,
> 
> I did a simple configuration based on test samples for two ec2 on AWS, but nothing happens between the two machines. What I am missing?
> 
> (10.0.0.30) Sun <=======> Moon (10.0.0.20)
> 
> connections {
> 
>     host-host {
>        remote_addrs = 10.0.0.20
> 
>        local {
>           auth = psk
>           id = sun.strongswan.org
>        }
>        remote {
>           auth = psk
>           id = moon.strongswan.org
>        }
>        children {
>           host-host {
>                  start_action = trap
>           }
>        }
>     }
> }
> secrets {
>     ike-1 {
>        id-moon = moon.strongswan.org
>        id-sun = sun.strongswan.org
>        secret = 0sv+NkxY9LLZvwj4q
>     }
> }
> 
> 
> ------------
> 
> 
> 
> connections {
> 
>     host-host {
>        remote_addrs = 10.0.0.30
> 
>        local {
>           auth = psk
>           id = moon.strongswan.org
>        }
>        remote {
>           auth = psk
>           id = sun.strongswan.org
>        }
>        children {
>           host-host {
>                  start_action = start
>           }
>        }
>     }
> }
> 
> secrets {
>     ike-1 {
>        id-1 = moon.strongswan.org
>        secret = 0x45a30759df97dc26a15b88ff
>     }
>     ike-2 {
>        id-2 = sun.strongswan.org
>        secret = "This is a strong password"
>     }
>     ike-3 {
>        id-3a = moon.strongswan.org
>        id-3b = sun.strongswan.org
>        secret = 0sv+NkxY9LLZvwj4q
>     }
>     ike-4 {
>        secret = 'My "home" is my "castle"!'
>     }
>     ike-5 {
>       id-5 = 10.0.0.20
>       secret = "Andi's home"
>     }
> }
> 
> 
> EC2 : Debian
> Version: 5.7.2
> 
> Thanks.
> 
> BR
> Hoss
> 

  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20210528/319e14aa/attachment-0001.html>


More information about the Users mailing list