Security Associations (1 up, 0 connecting): Get the status of the tunnel, in this case we are logged onto our Site A (Paris) Server: $ sudo ipsec status
Start the VPN on both ends: $ sudo ipsec restart Next to setup our VPN Configuration: cat /etc/nfįirewall Rules: $ sudo iptables -t nat -A POSTROUTING -s 10.10.27.0/24 -d 10.9.41.0/24 -J MASQUERADE We will setup our VPN Gateway in Site B (Amsterdam), setup the /etc/crets file: $ cat /etc/cretsĥ1.15.44.48 51.15.139.201 : PSK "87zRQqylaoeF5I8o4lRhwvmUzf+pYdDpsCOlesIeFA/2xrtxKXJTbCPZgqplnXgPX5uprL+aRgxD8ua7MmdWaQ" Now to setup our VPN configuration in /etc/nf: cat /etc/nfįirewall Rules: $ sudo iptables -t nat -A POSTROUTING -s 10.9.141.0/24 -d 10.10.27.0/24 -j MASQUERADE We will setup our VPN Gateway in Site A (Paris), first to setup the /etc/crets file: $ cat /etc/cretsĥ1.15.139.201 51.15.44.48 : PSK "87zRQqylaoeF5I8o4lRhwvmUzf+pYdDpsCOlesIeFA/2xrtxKXJTbCPZgqplnXgPX5uprL+aRgxD8ua7MmdWaQ" We will need a preshared key that both servers will use: $ openssl rand -base64 64Ĩ7zRQqylaoeF5I8o4lRhwvmUzf+pYdDpsCOlesIeFA/2xrtxKXJTbCPZgqplnXgPX5uprL+aRgxD8ua7MmdWaQ
Set the following kernel parameters: $ cat > /etc/nf << EOF
Ubuntu shrew soft vpn install#
Update your repository indexes and install strongswan: $ apt update & sudo apt upgrade -y Today we will setup a Site to Site ipsec VPN with Strongswan, which will be configured with PreShared Key Authentication.Īfter our tunnels are established, we will be able to reach the private ips over the vpn tunnels.