Sunday, July 8, 2012

IKEv2 VPN between a NATed Linux client and a Linux server


Finally, I've got an IKEv2 VPN running between Ubuntu on my home PC as the client and CentOS on my dedicated server as the server, using strongSwan 4.6.4. The client is NATed (router: DSL modem!).

Here's the configuration:

Server's ipsec.conf:
conn win7
        left=SERVER.IP.ADD.RESS
        leftcert=server.cert
        leftid=@server.domain.com
        leftsubnet=0.0.0.0/0
        right=%any
        rightsourceip=10.10.3.0/24
        keyexchange=ikev2
        auto=add
        leftfirewall=yes


Client's ipsec.conf:
conn ike
        left=%defaultroute
        leftsourceip=%config
        leftcert=client.cert
        leftid=@client.domain.com
        leftfirewall=yes
        right=SERVER.IP.ADD.RESS
        rightsubnet=0.0.0.0/0
        rightid=@server.domain.com
        auto=add

Establish the connection using the following command:

ipsec up ike
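
A pre-flight check to run before `ipsec up ike`, covering the usual certificate-authentication mistakes: a leftcert that does not resolve to a file, a missing leftid, no private-key entry in ipsec.secrets, or a key file readable by other users. This is an added example, not part of the original post; it assumes the private key is listed in ipsec.secrets as `: RSA <keyfile>`, that settings use the `key=value` form shown above, and that the ipsec.d directory is /etc/ipsec.d.

```shell
#!/bin/sh
# Added example, not from the original post. Usage (conn name from the post):
#   sh preflight.sh /etc/ipsec.conf /etc/ipsec.secrets ike

# conn_get FILE NAME KEY: print KEY's value inside "conn NAME" (key=value form).
conn_get() {
    awk -v name="$2" -v key="$3" '
        /^conn[ \t]+/ { in_conn = ($2 == name); next }
        /^[^ \t#]/    { in_conn = 0 }    # another section header ends the conn
        in_conn {
            line = $0; sub(/^[ \t]+/, "", line)
            if (index(line, key "=") == 1) { print substr(line, length(key) + 2); exit }
        }' "$1"
}

# secrets_rsa_key FILE: print the key file of the first ": RSA <file>" entry.
secrets_rsa_key() {
    awk '!/^[ \t]*#/ && match($0, /:[ \t]*RSA[ \t]+/) {
             split(substr($0, RSTART + RLENGTH), f, /[ \t]+/)
             gsub(/"/, "", f[1]); print f[1]; exit
         }' "$1"
}

# check_conn CONF SECRETS NAME [IPSEC_D]: print findings; return 0 if none.
# Relative names resolve under IPSEC_D/certs and IPSEC_D/private; the default
# /etc/ipsec.d is an assumption that depends on the build prefix.
check_conn() {
    conf=$1 secrets=$2 name=$3 dir=${4:-/etc/ipsec.d} rc=0
    cert=$(conn_get "$conf" "$name" leftcert)
    id=$(conn_get "$conf" "$name" leftid)
    key=$(secrets_rsa_key "$secrets")
    case $cert in /*) ;; *) cert=$dir/certs/$cert ;; esac
    case $key in ''|/*) ;; *) key=$dir/private/$key ;; esac
    [ -f "$cert" ] || { echo "conn $name: leftcert missing or not found: $cert"; rc=1; }
    [ -n "$id" ]   || { echo "conn $name: no leftid set"; rc=1; }
    if [ -z "$key" ]; then
        echo "$secrets: no ': RSA <keyfile>' entry, private key will not load"; rc=1
    elif [ ! -f "$key" ]; then
        echo "$key: private key file not found"; rc=1
    elif [ "$(ls -ld "$key" | cut -c5-10)" != "------" ]; then
        echo "$key: accessible by group/other, expected mode 600"; rc=1
    fi
    return $rc
}

[ $# -eq 0 ] || check_conn "$@"
```

The script only reads the two files and the key's directory entry; it does not verify that the key matches the certificate or that the certificate chains to a CA the server trusts.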

1 comment:

  1. What is your ipsec.secrets file? I mean, how do I include the private key of the client certificate in strongSwan?
