Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1192
Views
0
Helpful
1
Replies

Linux OpenSwan site to site vpn with cisco ASA

gautamanish
Level 1
Level 1

‎11-27-2018 02:50 AM

Hi Experts

i am trying to configure IKEv1 ipsec tunnel between Cisco ASA 9.6(4)8 and openswan linux machine in AWS but unable to get the phase-1 up. below is the config of openswan. could you please suggest whats going wrong

 

=====openswan config=========

conn host-to-host-tunnel1
#General connection config
type=tunnel
authby=secret
auto=start
#dpddelay=2s
#dpdtimeout=10s
#dpdaction=restart
rekey=yes
keyingtries=%forever
#Network/Routing config: Host Side
left=34.249.27.133
leftnexthop=%defaultroute
leftsubnet=10.40.17.0/24
#Network/Routing config: Remote side
right=81.144.222.74
rightnexthop=%defaultroute
rightsubnets=10.255.193.144/28
#Phase-1 Config
keyexchange=ikev1
ike=aes256-sha1;modp1024
ikelifetime=28800s
#Phase-2 Config
auth=esp
esp=aes256-sha1
pfs=no
compress=no
keylife=3600s

Labels:
0 Helpful
1 Reply 1

JP Miranda Z
Cisco Employee
Cisco Employee

‎11-30-2018 05:54 AM

Hi gautamanish,

The config you are sharing looks fine, can you share also the ASA config so we can confirm everything is matching?

Hope this info helps!!

Rate if helps you!!

-JP-
0 Helpful
Customers Also Viewed These Support Documents