StrongSwan ipsec.conf:config setup
charonstart=yes
plutostart=yes
conn %default
keyexchange=ikev2
ike=aes256-sha1-modp1536
conn siteA
left=3.3.3.3
leftsubnet=10.179.128.0/19
leftid=3.3.3.3
leftauth=psk
right=2.2.2.2
rightsubnet=10.10.0.0/16
rightid=2.2.2.2
rightauth=psk
auto=add
include /var/lib/strongswan/ipsec.conf.inc
StrongSwan ipsec.secrets:include /var/lib/strongswan/ipsec.secrets.inc
2.2.2.2 : PSK "12345"
3.3.3.3 : PSK "12345"
ASA Config:crypto map Outside_map 8 match address Outside_cryptomap_10
crypto map Outside_map 8 set pfs group5
crypto map Outside_map 8 set peer 3.3.3.3
crypto map Outside_map 8 set ikev2 ipsec-proposal AES256
crypto map Outside_map 8 set ikev2 pre-shared-key 12345
tunnel-group 3.3.3.3 type ipsec-l2l
tunnel-group 3.3.3.3 general-attributes
default-group-policy policy-3.3.3.3
tunnel-group 3.3.3.3 ipsec-attributes
ikev2 remote-authentication pre-shared-key 12345
ikev2 local-authentication pre-shared-key 12345
group-policy policy-3.3.3.3 internal
group-policy policy-3.3.3.3
vpn-tunnel-protocol ikev2
crypto ikev2 policy 1
encryption aes-256
integrity sha
group 5
prf sha
lifetime seconds 86400