Help on StrongSwan IPSEC configuration











up vote
0
down vote

favorite












I need to establish a L2TP over IPSEC vpn connection to another server. I'm using ubuntu 16.04.



Also I installed StrongSwan and xl2tp plus configurations from this tutorial



https://codediary.net/posts/l2tp-ipsec-vpn-on-ubuntu-16-04/



When I run IPSEC with the command ipsec up myvpn it fails to connect. I guess it's because it needs some custom configurations for IPSEC connection.



Following conditions are needed



IPSEC Phase 1 Proposal----------------------

encryption 3DES     Authentication SHA1

encryption AES192   Authentication SHA1

encryption AES256   Authentication MD5

Diffie-Hellman Group 2

Key lifetime (seconds) 86400



IPSEC Phase 2 Proposal----------------------

Local Address 0.0.0.0/0.0.0.0

Remote Address 0.0.0.0/0.0.0.0

encryption 3DES     Authentication SHA1

encryption AES192   Authentication SHA1

encryption AES256   Authentication MD5

Key lifetime (seconds) 86400


And here is my current ipsec.conf file



# ipsec.conf - strongSwan IPsec configuration file



# basic configuration



config setup

        # strictcrlpolicy=yes

        # uniqueids = no



# Add connections here.



# Sample VPN connections



conn %default

        ikelifetime=60m

        keylife=20m

        rekeymargin=3m

        keyingtries=1

        keyexchange=ikev1

        authby=secret

        ike=aes128-sha1-modp1024,3des-sha1-modp1024!

        esp=aes128-sha1-modp1024,3des-sha1-modp1024!



conn myvpn

     keyexchange=ikev1

     left=%defaultroute

     auto=add

     authby=secret

     type=transport

     leftprotoport=17/%any

     rightprotoport=17/1701 

     right=XXX.XXX.XXX.XXX


Can anyone tell me how to make ipsec.conf file to satisfy mentioned conditions?



Thank you.






networking vpn ipsec







share|improve this question


























    up vote
    0
    down vote

    favorite












    I need to establish a L2TP over IPSEC vpn connection to another server. I'm using ubuntu 16.04.



    Also I installed StrongSwan and xl2tp plus configurations from this tutorial



    https://codediary.net/posts/l2tp-ipsec-vpn-on-ubuntu-16-04/



    When I run IPSEC with the command ipsec up myvpn it fails to connect. I guess it's because it needs some custom configurations for IPSEC connection.



    Following conditions are needed



    IPSEC Phase 1 Proposal----------------------
    
encryption 3DES     Authentication SHA1
    
encryption AES192   Authentication SHA1
    
encryption AES256   Authentication MD5
    
Diffie-Hellman Group 2
    
Key lifetime (seconds) 86400
    

    
IPSEC Phase 2 Proposal----------------------
    
Local Address 0.0.0.0/0.0.0.0
    
Remote Address 0.0.0.0/0.0.0.0
    
encryption 3DES     Authentication SHA1
    
encryption AES192   Authentication SHA1
    
encryption AES256   Authentication MD5
    
Key lifetime (seconds) 86400


    And here is my current ipsec.conf file



    # ipsec.conf - strongSwan IPsec configuration file
    

    
# basic configuration
    

    
config setup
    
        # strictcrlpolicy=yes
    
        # uniqueids = no
    

    
# Add connections here.
    

    
# Sample VPN connections
    

    
conn %default
    
        ikelifetime=60m
    
        keylife=20m
    
        rekeymargin=3m
    
        keyingtries=1
    
        keyexchange=ikev1
    
        authby=secret
    
        ike=aes128-sha1-modp1024,3des-sha1-modp1024!
    
        esp=aes128-sha1-modp1024,3des-sha1-modp1024!
    

    
conn myvpn
    
     keyexchange=ikev1
    
     left=%defaultroute
    
     auto=add
    
     authby=secret
    
     type=transport
    
     leftprotoport=17/%any
    
     rightprotoport=17/1701 
    
     right=XXX.XXX.XXX.XXX


    Can anyone tell me how to make ipsec.conf file to satisfy mentioned conditions?



    Thank you.






    networking vpn ipsec







    share|improve this question
























      up vote
      0
      down vote

      favorite









      up vote
      0
      down vote

      favorite











      I need to establish a L2TP over IPSEC vpn connection to another server. I'm using ubuntu 16.04.



      Also I installed StrongSwan and xl2tp plus configurations from this tutorial



      https://codediary.net/posts/l2tp-ipsec-vpn-on-ubuntu-16-04/



      When I run IPSEC with the command ipsec up myvpn it fails to connect. I guess it's because it needs some custom configurations for IPSEC connection.



      Following conditions are needed



      IPSEC Phase 1 Proposal----------------------
      
encryption 3DES     Authentication SHA1
      
encryption AES192   Authentication SHA1
      
encryption AES256   Authentication MD5
      
Diffie-Hellman Group 2
      
Key lifetime (seconds) 86400
      

      
IPSEC Phase 2 Proposal----------------------
      
Local Address 0.0.0.0/0.0.0.0
      
Remote Address 0.0.0.0/0.0.0.0
      
encryption 3DES     Authentication SHA1
      
encryption AES192   Authentication SHA1
      
encryption AES256   Authentication MD5
      
Key lifetime (seconds) 86400


      And here is my current ipsec.conf file



      # ipsec.conf - strongSwan IPsec configuration file
      

      
# basic configuration
      

      
config setup
      
        # strictcrlpolicy=yes
      
        # uniqueids = no
      

      
# Add connections here.
      

      
# Sample VPN connections
      

      
conn %default
      
        ikelifetime=60m
      
        keylife=20m
      
        rekeymargin=3m
      
        keyingtries=1
      
        keyexchange=ikev1
      
        authby=secret
      
        ike=aes128-sha1-modp1024,3des-sha1-modp1024!
      
        esp=aes128-sha1-modp1024,3des-sha1-modp1024!
      

      
conn myvpn
      
     keyexchange=ikev1
      
     left=%defaultroute
      
     auto=add
      
     authby=secret
      
     type=transport
      
     leftprotoport=17/%any
      
     rightprotoport=17/1701 
      
     right=XXX.XXX.XXX.XXX


      Can anyone tell me how to make ipsec.conf file to satisfy mentioned conditions?



      Thank you.






      networking vpn ipsec







      share|improve this question













      I need to establish a L2TP over IPSEC vpn connection to another server. I'm using ubuntu 16.04.



      Also I installed StrongSwan and xl2tp plus configurations from this tutorial



      https://codediary.net/posts/l2tp-ipsec-vpn-on-ubuntu-16-04/



      When I run IPSEC with the command ipsec up myvpn it fails to connect. I guess it's because it needs some custom configurations for IPSEC connection.



      Following conditions are needed



      IPSEC Phase 1 Proposal----------------------
      
encryption 3DES     Authentication SHA1
      
encryption AES192   Authentication SHA1
      
encryption AES256   Authentication MD5
      
Diffie-Hellman Group 2
      
Key lifetime (seconds) 86400
      

      
IPSEC Phase 2 Proposal----------------------
      
Local Address 0.0.0.0/0.0.0.0
      
Remote Address 0.0.0.0/0.0.0.0
      
encryption 3DES     Authentication SHA1
      
encryption AES192   Authentication SHA1
      
encryption AES256   Authentication MD5
      
Key lifetime (seconds) 86400


      And here is my current ipsec.conf file



      # ipsec.conf - strongSwan IPsec configuration file
      

      
# basic configuration
      

      
config setup
      
        # strictcrlpolicy=yes
      
        # uniqueids = no
      

      
# Add connections here.
      

      
# Sample VPN connections
      

      
conn %default
      
        ikelifetime=60m
      
        keylife=20m
      
        rekeymargin=3m
      
        keyingtries=1
      
        keyexchange=ikev1
      
        authby=secret
      
        ike=aes128-sha1-modp1024,3des-sha1-modp1024!
      
        esp=aes128-sha1-modp1024,3des-sha1-modp1024!
      

      
conn myvpn
      
     keyexchange=ikev1
      
     left=%defaultroute
      
     auto=add
      
     authby=secret
      
     type=transport
      
     leftprotoport=17/%any
      
     rightprotoport=17/1701 
      
     right=XXX.XXX.XXX.XXX


      Can anyone tell me how to make ipsec.conf file to satisfy mentioned conditions?



      Thank you.






      networking vpn ipsec




      networking vpn ipsec






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Nov 27 at 23:40









      robert hofer

      11




      11



























          active

          oldest

          votes











          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "89"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1096648%2fhelp-on-strongswan-ipsec-configuration%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown






























          active

          oldest

          votes













          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes
















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Ask Ubuntu!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.





          Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


          Please pay close attention to the following guidance:


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1096648%2fhelp-on-strongswan-ipsec-configuration%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          Popular posts from this blog

          Biblatex bibliography style without URLs when DOI exists (in Overleaf with Zotero bibliography)

          Image
          2 2 I have a Zotero bibliography in Overleaf. I use biblatex . usepackage[backend=biber,citestyle=authoryear]{biblatex} addbibresource{zoteroALH.bib} Bibliography entries look like: @book{de_saint-gervais_uniformization_2016, title = {Uniformization of {Riemann} {Surfaces}}, isbn = {978-3-03719-145-3}, url = {https://www.ems-ph.org/books/book.php?proj_nr=198&srch=series%7Chem}, urldate = {2019-02-03}, author = {de Saint-Gervais, Paul Henri}, year = {2016}, doi = {10.4171/145} } In the bibliography down the paper the reference shows like this: There is the DOI, great, but also the URL which is unnecessary when the DOI is there. How can I remove the URL when the DOI is present? biblatex bibliographies overleaf zote
          Read more

          ComboBox Display Member on multiple fields

          Image
          2 I'm trying to set the .DisplayMember property of a ComboBox in C#, but I want to bind it to multiple columns in the .DataSouce . My SQL looks like this: SELECT PersNbr, PersFirstName, PersMiddleName, PersLastName FROM Pers WHERE PersNbr = :persNbr; I'm saving this query in a DataTable so each column selected has it's own column in the Datatable . I want to make the .DisplayMember a combination of PersFirstName + PersMiddleName + PersLastName so their full name appears like this: comboBox.DisplayMemeber = "PersFirstName" + "PersMiddleName" + "PersLastName" I know I can just to this on the query: SELECT PersNbr, (PersFirstName || PersMiddleName || PersLastName) PersName and then just do this: comboBox.DisplayMember = "PersName"; but I
          Read more

          Is it possible to collect Nectar points via Trainline?

          Image
          2 Since I am not eligible for any Railcard, the only available discount/bonus scheme is Nectar Card for me. GWR, SWR, LNER and Virgin Trains allow to collect Nectar points and I have already linked a card to my GWR account. A friend suggested me to use Trainline App, because it can search for bus tickets either. I had a look at the application, but could not see any option for Nectar. Is there a way to collect Nectar points when I buy tickets via Trainline? uk trains loyalty-programs trainline share | improve this question asked Dec 2 '18 at 15:50 ahmedus 3,224 5 19 49
          Read more