Zyxek USG VPN with OpenSwan - can you share working configurations?
I seem to have considerable issues to get a VPN between a Zyxel USG 300 and OpenSwan VPN Server on CentOS to work.
I think I have tried dozens of combinations. The main issue is to find the right encryption/authentication settings between the two VPN servers.
I would appreciate, in case one of you has a working setup, you could share that with me.
Thanks a lot
Dan
I think I have tried dozens of combinations. The main issue is to find the right encryption/authentication settings between the two VPN servers.
I would appreciate, in case one of you has a working setup, you could share that with me.
Thanks a lot
Dan
0
All Replies
-
@grokit
Regarding to your request,
you can check below as your reference.Example on USG:
Example on OpenSwan:
# basic configuration
config setup
charondebug="all"
strictcrlpolicy=no
# uniqueids = no
# Add connections here.
conn Zywall 110
type=tunnel
keyexchange=ikev1
authby=secret
left=192.168.111.20
leftid=192.168.111.20
leftsubnet=172.16.1.0/24
right=192.168.111.51
rightid=0.0.0.0
rightsubnet=192.168.1.0/24
ike=aes-sha-modp1024!
esp=aes-sha-modp1024!
keyingtries=0
ikelifetime=1d
lifetime=8h
dpddelay=30
dpdtimeout=120
dpdaction=restart
auto=route
Charlie0 -
Thanks @Zyxel_Charlie
I got it running in the meantime, but with different setup. It seems to be a bit unstable, though.
I will try your solution as well. I hope it's better :-)
Dan0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 147 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight