Professional Documents
Culture Documents
Tutorial Swan
Tutorial Swan
1. Install StrongSwan
• Edit the /etc/ipsec.conf file using your favorite text editor (e.g., nano ,
vim ).
• Here's a basic configuration file:
arduinoCopy code
config setup
charondebug="ike 2, knl 2, cfg 2, net 2, esp 2, dmn 2, mgr 2"
uniqueids=no
conn myvpn
auto=start
left=%defaultroute
leftsubnet=0.0.0.0/0
leftauth=psk
leftid=<your_server_public_ip>
right=<your_client_public_ip>
rightsubnet=192.168.0.0/24
rightauth=psk
ike=3des-sha1-modp1024
esp=3des-sha1
keyexchange=ikev1
keyingtries=3
dpddelay=30
dpdtimeout=120
dpdaction=clear
ikelifetime=8h
lifetime=1h
type=tunnel
mark=100
• Allow traffic through the IPsec ports (UDP 500 and UDP 4500) in your firewall
rules.
That's it! You should now have a working StrongSwan VPN. Of course, this is just a basic
configuration, and you can customize it further to suit your needs.