AXT1800 with ikev2/ipsec - strongswan missing dependencies

Technical Support for Routers
1

I am looking to setup a site-to-site vpn using ikev2/ipsec with a AXT1800 to connect to a Palo Alto FW. It appears that they support strongswan but I’m not able to install it because of the following missing dependencies. I’m currently using the 4.1.0 firmware but see a 4.2.0 beta1 available.

  • pkg_hash_check_unresolved: cannot find dependency iptables-mod-ipsec for strongswan
  • pkg_hash_fetch_best_installation_candidate: Packages for strongswan found, but incompatible with the architectures configured
  • opkg_install_cmd: Cannot install package strongswan.

Any suggestions on how I can get this router connected via IPSEC with a global proxy (all traffic to go through VPN).

1 Like
2

I’d make a clean-ish OpenWrt builds using the gl-infra-builder and include whatever you need there. It’s going to be a lot easier to do that than trying to figure out how to do things with all the custom firewall stuff in the stock firmware. You will need to manage all of the rules yourself though, probably with a custom up/down script, which is a pain to figure out if you’ve never done it before. Be prepared for a long road. Doable, but not easy.