Connect CentOs To Zyxel USG 100 via VPN IPSEC

simsar78
simsar78 Posts: 5
edited December 2021 in Security
Hello I have Zyxel USG 100 and I need to connect my ContOS.
I have a many windows 10 connected to Zyxel with this software: "ZyWALL IPSec VPN Client" and it's works.
How I can connect my centOS ?
I no have GUI on CentOS. Only CLI.

I connect windows client with IPSEC IKEv1 whit password.

thanks

Accepted Solution

All Replies

  • WJS
    WJS Posts: 123  Ally Member
    First Anniversary 10 Comments Friend Collector First Answer
    I thought you should use L2TP instead of IPSec Client on CentOS.
    It seem they will work with xl2tp,ppp package. And you don't need GUI as well.
  • Hello, thank you for response.
    Con you give me an installation and configure procedure ?

  • WJS
    WJS Posts: 123  Ally Member
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
  • Thanks you very much.

    Can i implement this guide on my CentOS without username e password for VPN ?

    I have only PSK and server IP

  • WJS
    WJS Posts: 123  Ally Member
    First Anniversary 10 Comments Friend Collector First Answer
    In line 56, you might declare PSK for varaibles "VPN_IPSEC_PSK" first,  I'll try that as well . 
  • Ok. I try and give you a response.
    Have a good day.
  • simsar78
    simsar78 Posts: 5
    edited January 2022
    Hello, I have tried only today.
    i have configured all from your url. I no have insered two lines because I no have this.

    name e password

    when up the vpn I received this info:

    strongswan up myvpn
    initiating Main Mode IKE_SA myvpn[2] to x.x.x.x
    generating ID_PROT request 0 [ SA V V V V V ]
    sending packet: from 192.168.1.22[500] to x.x.x.x[500] (212 bytes)
    received packet: from x.x.x.x[500] to 192.168.1.22[500] (102 bytes)
    parsed INFORMATIONAL_V1 request 208613349 [ N(NO_PROP) ]
    received NO_PROPOSAL_CHOSEN error notify
    establishing connection 'myvpn' failed
  • WJS
    WJS Posts: 123  Ally Member
    First Anniversary 10 Comments Friend Collector First Answer
    Sorry, I forget to update my test result.
    I can connect via CentOS CLI. find following screenshot.
    Here are my Suite:
    Phase1:  LocalID: Interface IP ,   Main mode , AES128-SHA1 ,DH2,  No NAT-T,No DPD,No X-Auth
    Phase2:  Full tunnel,   ESP, Transport, AES128-SHA1 ,DH2


Security Highlight