[Swan] ikev2 and win7
bob at computerisms.ca
Wed May 13 03:42:47 EEST 2015
>> Does anyone have an example config they could share?
> Have a look at
> It shows a libreswan-strongswan ikev2 interop. The only difference for
> you is that you'd configure X.509 certificates instead of PSK.
I think I got it figured out. In the hopes it is useful to others, this
is what I did:
I configured the windows client as per:
and I had to redo my certificates as per error 13801 on this page:
It seems that routing is a different game here. the way I used to do it
was set the leftsubnet to be that of the remote network, then use
iptables to do FORWARD between the networks, and then a NAT rule to
allow internet access. I found that using this config, the leftsubnet
*also* has to be set to 0.0.0.0/0 in order to allow internet traffic.
I am not really clear on the narrowing function, I think I need to learn
more on that, but that will be for another day. Thanks again for the
More information about the Swan