How to IKEv2 VPN with Linux Mint using Pre-Shared Key
Guru Member
Based off
https://support.zyxel.eu/hc/en-us/articles/4406386526994-VPN-Configure-IKEv1-VPN-with-Linux-StrongSwan
Linux Mint 21.3
Setup VPN Gateway on USG
IKEv2
Pre-Shared Key 4342v952hf24c43tvb65n554b3fg < make your own
In advance Local ID type DNS
dnsip11.ddns.net < use your own
Phase 1
Encryption AES256
Authentication SHA256
key group DH2
Setup VPN connection on USG
Remote Access (Server Role)
VPN gateway you made
Local policy 0.0.0.0
Enable Configuration Payload
IP address pool 192.168.140.0/24
Phase 2
Encryption AES256
Authentication SHA256
PFS DH2
Note I was never able to have the VPN use a given DNS IP and so when VPN is up any DNS on other interfaces are uses down the VPN tunnel.
In Linux Mint
open a terminal
run su
apt-get install strongswan -y
In Linux Mint
open as root
file system > etc >
open ipsec.secrets
add
: PSK 4342v952hf24c43tvb65n554b3fg < use your own vpnclient : XAUTH "1qaz2wsx"
save
open ipsec.conf
add
conn vpn1
rightsubnet=0.0.0.0/0
leftid=vpnclient
leftauth=psk
leftauth2=xauth
leftsourceip=%config
leftfirewall=yes
right=dnsip11.ddns.net < use your own
rightauth=psk
auto=add
ike=aes256-sha2_256-modp1024!
esp=aes256-sha2_256!
save
In Linux Mint
open a terminal
run su
ipsec restart
ipsec up vpn1
All Replies
-
It looks awesome😎. Thanks for sharing.
0
Freshman Member
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
