strongSwan IPsec client (working fine on Fatdog64)

Configuration wizards, scanners, remote desktop, etc.
Post Reply
Message
Author
sebus
Posts: 67
Joined: Fri 20 Jan 2012, 20:57

strongSwan IPsec client (working fine on Fatdog64)

#1 Post by sebus »

From my tests on Ubuntu 11.10 strongSwan - http://www.strongswan.org/
is the only IPsec client that works fine connecting to Fortinet Fortigate firewall - http://hwellmann.blogspot.com/2010/08/u ... setup.html

One must indent the lines below each section heading
If you comment single lines in a section then the '#' character must be indented, too

The following keyword is not supported by strongSwan:

interfaces="ipsec0=eth0"

because the native Linux kernel does not have an ipsec0
interface and

esp=aes128-sha1-modp1536,3des-sha1-modp1536

is not a valid notation for IKEv1. If you want a DH-Group
different from the IKE Main Mode one you must define:

esp=aes128-sha1,3des-sha1
pfsgroup=modp1536

sebus
Last edited by sebus on Tue 14 Feb 2012, 17:02, edited 3 times in total.

sebus
Posts: 67
Joined: Fri 20 Jan 2012, 20:57

#2 Post by sebus »

The client builds fine on FD, with correct config it connects fine

Excellent IPSEC client!

sebus

Post Reply