What's new

Set Up L2TP Ipsec VPN client for asus RT-AC86U in Ubuntu

camulodunum

Occasional Visitor
I have an asus AC86U router with a VPN iPsec server that I've managed to configure and make it work in my Iphone and in my windows PC with the guides that asus have without much problem.

but know I have a proyect to make a raspberry pi that delivers that VPN troguth a lan port,and I'm struggling to make it work.

I've installed the strongswan vpn client and configured the pages like the example scenarios they have in their website with the scenario Ikev1+Xauth (That is what Asus uses for IPsec,I think) but I can't manage to find the Xauth key in my asus config page from router,and I'm not sure if I've done the config files well.
the VPN doesn't even respond to the first package when I try to start the client,and I'm sure the VPN is working since I use my Iphone client to check it before triying to start the VPN

these are the ipsec.config and ipsec.secrets files:

the net in my home network is 192.168.1.0/24 with gateway 192.168.1.1,and the same for the network that has the server.

and the virtual Ip range for the VPN is 10.10.10.0/24

this is the ipsec.config file


# ipsec.conf - strongSwan IPsec configuration file

# basic configuration

config setup
# strictcrlpolicy=yes
# uniqueids = no

# Add connections here.
conn %default
ikelifetime=1440m
keylife=60m
rekeymargin=3m
keyingtries=1
keyexchange=ikev1
authby=secret

conn asusrouter
left=192.168.1.1 #strongswan outside address
leftsubnet=192.168.1.0/24 #network behind strongswan
leftid=192.168.1.1 #IKEID sent by strongswan
leftauth=psk
leftauth2=xauth
leftfirewall=yes
right=(my server DDNS) #IOS outside address
rightsubnet=10.10.10.0/24 #network behind IOS
rightid=(my server DDNS) #IKEID sent by IOS
rightauth=psk
eap_identity=username
auto=add

and this is the ipsec.secrets file

# This file holds shared secrets or RSA private keys for authentication.

# RSA private key for this host, authenticating it to any other host
# which knows the public part.
192.168.1.1 192.168.1.1: PSK (my pre-shared key)
(VPN user): EAP (vpn password)
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top