I’m trying to connect to a VPN service with IKEv2. So I installed openswan from the repository and followed the instructions here:
So my ipsec.conf file looks like this:
conn SomeVPN
keyexchange=ikev2
dpdaction=clear
dpddelay=300s
eap_identity=“USERNAME”
leftauth=eap-mschapv2
left=%defaultroute
leftsourceip=%config
right=SERVERIP
rightauth=pubkey
rightsubnet=0.0.0.0/0
rightid=%any
type=tunnel
auto=add
I connect to the router with ssh, then I type
ipsec restart
ipsec up SomeVPN
then I can see what ipsec is doing. When it sends the first packet to the server, there’s no answer, and IPsec retries a few times before giving up.
- I can ping the server from the terminal
- The IP address of the server is correct
- I can connect with the server using StrongSwan for Android on my smartphone, which is connected to the AR300M.
My humble guess is that there is a routing problem. It shouldn’t be the firewall since the VPN works with a connected client.
I tried to find some info about OpenWRT and its firewall, but all I could find are vague, outdated or incomplete answers.
And I didn’t find anything about sharing that connection like OpenVPN can do.
I really wish I could make this work because IKEv2 is easily 3 times faster than OpenVPN.