Cheat sheet
Get connections status logs
# Print detailed status for the IKE daemon and every configured connection.
# Useful after a restart to confirm the tunnel is up and to check which
# IKE/ESP algorithms were actually negotiated with the peer.
ipsec statusall
Restart connection
# Restart the IPsec and L2TP daemons, then re-initiate the tunnel.
# These commands write under /var/run and restart services, so they
# typically need root.

# Make sure xl2tpd's runtime directory and control file exist before the
# daemon is restarted (presumably they can go missing when /var/run is cleared).
mkdir -p /var/run/xl2tpd
touch /var/run/xl2tpd/l2tp-control

# Restart strongSwan first, then xl2tpd, pausing 2 seconds after each.
for svc in strongswan xl2tpd; do
  service "$svc" restart
  sleep 2
done

# Bring the connection up; replace YOUR-CONNECTION with the conn name
# from /etc/ipsec.conf.
ipsec up YOUR-CONNECTION
Config
Documentation
Example
/etc/ipsec.conf
# NOTE(review): this listing has lost its indentation. In a real ipsec.conf the
# parameter lines under each "config"/"conn" header must start with whitespace.
version 2.0
# Daemon-wide settings. These option names come from the older pluto-era
# releases; NOTE(review): newer strongSwan versions may ignore some of them,
# so check them against the installed version.
config setup
charonstart=yes
interfaces="%none"
# Enable NAT traversal.
nat_traversal=yes
# Full debug logging. Intended for troubleshooting: it is very verbose, so
# treat the resulting logs as sensitive and turn it off once the tunnel works.
plutodebug="all"
# The following conn names look like the built-in opportunistic-encryption
# policy groups; auto=ignore tells the daemon to ignore each of them.
conn clear
auto=ignore
conn clear-or-private
auto=ignore
conn private-or-clear
auto=ignore
conn private
auto=ignore
conn block
auto=ignore
conn packetdefault
auto=ignore
# Defaults inherited by every conn section.
# NOTE(review): IKEv1 is the legacy protocol; prefer IKEv2 when the peer supports it.
conn %default
keyexchange=ikev1
# Site-to-site tunnel definition.
conn my-conn
# Local endpoint address and the identity presented to the peer. The local
# address is private while the ID is a public address, so this host is
# presumably behind NAT (consistent with nat_traversal=yes above).
left=10.128.5.1
leftid="78.69.145.86"
# Remote gateway.
right=220.40.60.210
# Traffic selectors: only traffic between these two subnets is protected.
leftsubnet=10.1.1.0/24
rightsubnet=10.136.6.240/28
leftsourceip=10.123.1.117
# IKE (phase 1) proposals. The trailing "!" makes the list strict, so nothing
# outside it can be negotiated.
# NOTE(review): 3DES and modp1024 (DH group 2) are legacy algorithms. If the
# peer allows it, move to AES with a DH group of at least 2048 bits.
ike=3des-sha1-modp1024,3des-sha256-modp1024,3des-sha384-modp1024!
keyexchange=ikev1
# IKE SA lifetime: 24 hours.
ikelifetime=86400s
# ESP (phase 2) proposals, also strict. The same 3DES caveat applies.
esp=3des-sha384,3des-sha256,3des-sha1!
# IPsec SA lifetime of 1 hour; rekeying starts 540 seconds before expiry.
keylife=3600s
rekeymargin=540s
type=tunnel
# NOTE(review): pfs=no disables perfect forward secrecy, so rekeyed IPsec SAs
# do not get a fresh DH exchange. Enable it unless the peer cannot support it.
pfs=no
compress=no
# Pre-shared-key authentication. The key itself is kept in the secrets file
# (normally /etc/ipsec.secrets): use a long random value and keep that file
# readable by root only.
authby=secret
# Initiate the tunnel when the daemon starts and keep retrying indefinitely.
auto=start
keyingtries=%forever
#conn my-conn