Openswan <-> VyOS


Hello,

I’m having a bit of trouble connecting our current CentOS Openswan server with a VyOS server via IPSec.

I’ve posted this on the VyOS forums, but haven’t had many helpful responses, so I thought I would ask here.

http://forum.vyos.net/showthread.php?tid&504&pid)703#pid29703

Basically our Openswan configuration is as follows:

conn VYOS
    keyingtries=0
    keylife m
    ikelifetime=2h
    left=
    right=
    leftsubnets={10.1.1.0/24,10.1.2.0/24,10.1.3.0/24,10.1.4.0/24,10.1.5.0/24}
    rightsubnets={10.2.1.0/24,10.2.2.0/24,10.2.3.0/24,10.2.4.0/24}
    auto=start
    authby=secret
    dpddelay0
    dpdtimeout0
    dpdaction=hold
    phase2alg

2 thoughts on - Openswan <-> VyOS

  • Maybe the other end is not supporting needed ciphers? Try other selections?

    Eero

    2016-02-17 16:38 GMT+02:00 John Cenile :

  • Almost all of the openswan developers left the project and created a fork named libreswan. You should switch in order to use an actively maintained product. The configuration files are basically the same.

    On VyOS only? I don’t think that’s going to work with a single open/libreswan tunnel. I could be wrong, if it was working with 5 tunnels, but it seems problematic. Try to figure out how to specify multiple routes in a single tunnel:
    http://forum.vyos.net/showthread.php?tid667
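
Added example, not part of the original thread: Openswan instantiates one tunnel for every combination of `leftsubnets` and `rightsubnets`, so the conn posted in the question needs a matching selector on the VyOS side for each pair. The sketch below enumerates those pairs from the posted subnet lists and prints VyOS tunnel statements for them; the peer address is a placeholder and the `set vpn ipsec site-to-site peer ... tunnel N local/remote prefix` syntax is assumed for the VyOS release in use.

```python
import ipaddress
import itertools
import re

# Constructed sample: only the subnet lists from the conn posted in the question.
CONN = """
conn VYOS
    leftsubnets={10.1.1.0/24,10.1.2.0/24,10.1.3.0/24,10.1.4.0/24,10.1.5.0/24}
    rightsubnets={10.2.1.0/24,10.2.2.0/24,10.2.3.0/24,10.2.4.0/24}
"""

def subnet_list(conf, key):
    """Return the networks in a key={a,b,...} line (comma or space separated)."""
    m = re.search(r"^\s*%s\s*=\s*\{([^}]*)\}" % re.escape(key), conf, re.M)
    if not m:
        raise ValueError("missing " + key)
    # ip_network() rejects malformed prefixes and prefixes with host bits set.
    return [ipaddress.ip_network(s) for s in re.split(r"[,\s]+", m.group(1).strip()) if s]

def selector_pairs(conf):
    """Every (left, right) combination; each one is a separate Phase 2 selector."""
    left = subnet_list(conf, "leftsubnets")
    right = subnet_list(conf, "rightsubnets")
    pairs = list(itertools.product(left, right))
    for a, b in pairs:
        if a.overlaps(b):
            raise ValueError(f"{a} overlaps {b}: traffic selector would be ambiguous")
    return pairs

def vyos_tunnels(pairs, peer="<OPENSWAN-PEER>"):
    """One VyOS tunnel per pair. Openswan's right side is VyOS's local side."""
    lines = []
    for n, (left, right) in enumerate(pairs, start=1):
        base = f"set vpn ipsec site-to-site peer {peer} tunnel {n}"  # assumed syntax
        lines.append(f"{base} local prefix {right}")
        lines.append(f"{base} remote prefix {left}")
    return lines

if __name__ == "__main__":
    pairs = selector_pairs(CONN)
    print(len(pairs), "subnet pairs must match on both ends")
    print("\n".join(vyos_tunnels(pairs)))
```

A pair that is missing or mirrored the wrong way on either end shows up as a Phase 2 proposal that never establishes for that subnet combination, while the others come up.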