[strongSwan] Strongswan Host-to-Host Connection Linux to Windows

Tyler Phillippe tylerphillippe at gmail.com
Fri May 20 15:15:35 CEST 2022


Hello all! I am attempting to connect a Linux machine to Windows via
Strongswan in a host-to-host configuration. I tested with Windows to
Windows using the built-in firewall and it connected instantly. I changed
the default Windows integrity and encryption ciphers and I think I changed
them in the Linux Strongswan configuration. However, I am not getting any
connection between the hosts and I can't find any logs on the Windows
machine to help me narrow down what the issue is. It definitely does not
work, since the SSH session on the Linux machine fails out. Below is the
swanctl.conf file on my Linux machine. And, I know it's not the most secure
method - I'm just trying to get it to initially connect with a PSK since
that's the simplest for now. Windows doesn't support modp3072
unfortunately, so I had to manually set the Linux config below to modp2048.
The Windows firewall is set to use AES-CBC 128, SHA-256, MODP2048 for key
exchange and ESP AES-CBC 128, SHA-256 for data protection. What am I doing
wrong? Thanks everyone!!

connections {
    linuxHost {
        local_addrs =  (Linux machine)
        remote_addrs =  (Windows machine)
        proposals = aes128-sha256-modp2048
        local {
            auth = psk
        }
        remote {
            auth = psk
        }
        children {
            linuxHost {
                esp_proposals = aes128-sha256-modp2048
                mode = transport
            }
        }
        version = 2
        reauth_time = 10800
    }
}

secrets {
    ike {
        secret = <psk>
    }
}
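
To line the two sides up, the following added example (not part of the original post and not strongSwan code) parses the two proposal strings from the configuration above and compares them with the Windows settings as the post describes them. The function names, the keyword prefix table and the translation of the Windows settings into strongSwan keywords are assumptions; a reported difference is something to check, not a diagnosis.

```python
import re

# Constructed input: the two proposal lines from the swanctl.conf in the post.
SWANCTL = """
proposals = aes128-sha256-modp2048
esp_proposals = aes128-sha256-modp2048
"""

# Windows side as described in the post, translated to strongSwan keywords
# (assumption). A missing "ke" entry means the post lists no DH group there.
WINDOWS = {
    "proposals": {"enc": "aes128", "integ": "sha256", "ke": "modp2048"},
    "esp_proposals": {"enc": "aes128", "integ": "sha256"},
}

# Keyword prefix -> transform type (a small subset of strongSwan's keywords).
PREFIXES = [("prf", "prf"), ("aes", "enc"), ("3des", "enc"), ("chacha", "enc"),
            ("sha", "integ"), ("md5", "integ"),
            ("modp", "ke"), ("ecp", "ke"), ("curve", "ke"), ("x25519", "ke")]

def parse_proposal(text):
    """Split one proposal such as 'aes128-sha256-modp2048' by transform type."""
    out = {}
    for token in text.strip().split("-"):
        kind = next((k for p, k in PREFIXES if token.startswith(p)), "unknown")
        out.setdefault(kind, []).append(token)
    return out

def extract(conf):
    """Map each proposals/esp_proposals key to its list of parsed proposals."""
    pattern = r"^\s*(proposals|esp_proposals)\s*=\s*(.+)$"
    return {key: [parse_proposal(p) for p in value.split(",")]
            for key, value in re.findall(pattern, conf, re.M)}

def compare(conf, peer):
    """Per local proposal, list the transform types that differ from the peer."""
    diffs = []
    for key, proposals in extract(conf).items():
        for prop in proposals:
            for kind in ("enc", "integ", "ke"):
                expected = [peer[key][kind]] if kind in peer[key] else []
                if prop.get(kind, []) != expected:
                    # For esp_proposals, a DH group requests PFS for the child SA.
                    diffs.append((key, kind, prop.get(kind, []), expected))
    return diffs

if __name__ == "__main__":
    print(compare(SWANCTL, WINDOWS))
```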