Strongswan ikev1 xauth psk
Version vom 7. September 2017, 15:22 Uhr von Thomas (Diskussion | Beiträge)
Install xauth modul
- apt-get install strongswan strongswan-plugin-xauth-generic
/etc/ipsec.conf
config setup
cachecrls=yes
uniqueids=yes
conn xauth-android
keyexchange=ikev1
authby=xauthpsk
xauth=server
left=%defaultroute
leftsubnet=0.0.0.0/0
leftfirewall=yes
right=%any
rightsubnet=10.7.0.0/24
rightsourceip=10.7.0.2/24
rightdns=4.2.2.1
auto=add
/etc/ipsec.secret
10.84.252.31 %any : PSK "suxer" xinux : XAUTH "oimel" someone : XAUTH "anotherpassword"