
Linux OpenSwan site to site vpn with cisco ASA

Hi Experts

I am trying to configure an IKEv1 IPsec tunnel between a Cisco ASA 9.6(4)8 and an Openswan Linux machine in AWS, but I am unable to get phase 1 up. Below is the Openswan config. Could you please suggest what's going wrong?

 

=====openswan config=========

conn host-to-host-tunnel1
    #General connection config
    type=tunnel
    authby=secret
    auto=start
    #dpddelay=2s
    #dpdtimeout=10s
    #dpdaction=restart
    rekey=yes
    keyingtries=%forever
    #Network/Routing config: Host Side
    left=34.249.27.133
    leftnexthop=%defaultroute
    leftsubnet=10.40.17.0/24
    #Network/Routing config: Remote side
    right=81.144.222.74
    rightnexthop=%defaultroute
    rightsubnets=10.255.193.144/28
    #Phase-1 Config
    keyexchange=ikev1
    ike=aes256-sha1;modp1024
    ikelifetime=28800s
    #Phase-2 Config
    auth=esp
    esp=aes256-sha1
    pfs=no
    compress=no
    keylife=3600s

Cisco Employee

Re: Linux OpenSwan site to site vpn with cisco ASA

Hi gautamanish,

The config you are sharing looks fine. Can you also share the ASA config so we can confirm everything is matching?

Hope this info helps!!

Rate if it helps you!!

-JP-