Fritz!BOX VPN
Aus Nerdberg
StrongSwan Konfiguration unter Linux
/etc/ipsec.conf
# https://www.ip-phone-forum.de/threads/strongswan-linux-als-vpn-client-f%C3%BCr-einen-fritz-os-benutzeraccount.309500/
# this is the template...
conn avm_conntype_user
ikelifetime=60m
keylife=60m
rekeymargin=3m
keyingtries=1
ike=aes256-sha512-modp1024!
esp=aes256-sha512!
keyexchange=ikev1
aggressive=yes
leftauth=psk
leftauth2=xauth
leftsourceip=%config4
dpdtimeout=120s
dpdaction=restart
dpddelay=30s
forceencaps=yes
modeconfig=pull
compress=no
rightauth=psk
xauth=client
conn nerdberg_YOURNAME
also=avm_conntype_user
# IPSec-ID / Gruppenname:
leftid=keyid:yourgroupname <--- matches ipsec.secrets!
# nerdberg Fritz!BOX IP
right=%62.91.20.242
rightsubnet=192.168.178.0/23
# Nutzername / Account
xauth_identity=yourusername <--- matches ipsec.secrets!
esp=aes256-sha1!
auto=route
/etc/ipsec.secrets: # IPSec-ID/ Gruppenname, PSec-Schlüssel / Shared Secret keyid:yourgroupname : PSK "xxxxxxxxxx" # Nutzername / Account:, Passwort yourusername : XAUTH "zzzzzzz"
Start mit "ipsec start", dann sieht man hoffentlich bald einen Eintrag in der Route-Table #220 (warum 220? Weiss der Geier.)
$ ip route list table 220 throw 172.17.2.0/24 proto static throw 172.17.16.0/24 proto static 192.168.178.0/23 via 172.17.2.1 dev eno1 proto static src 192.168.179.2
