So I'm new to EdgeOS, but here is where I am... I have a Linux box running Strongswan 5.x and it connects just fine to my Azure VPN. Here is the config:
    conn neo-azure-vpn
        closeaction=restart
        dpdaction=restart
        ike=3des-sha1-modp1024,aes128-sha1-modp1024
        esp=3des-sha1,aes128-sha1
        reauth=no
        keyexchange=ikev2
        mobike=no
        ikelifetime=28800s
        keylife=3600s
        lifebytes=102400000
        keyingtries=%forever
        authby=secret
        auto=start
        left=206.253.xxx.xx
        leftsubnet=192.168.53.0/24
        leftid=206.253.xxx.xx
        right=40.117.xxx.xxx
        rightid=40.117.xxx.xxx
        rightsubnet=10.4.0.0/14
I just got my new EdgeRouter and updated to EdgeOS 1.8 for Strongswan 5.x (with ikev2).
This is where I am with the config, and no joy.
    vpn {
        ipsec {
            auto-firewall-nat-exclude enable
            esp-group FOO0 {
                compression disable
                lifetime 3600
                mode tunnel
                pfs disable
                proposal 1 {
                    encryption aes256
                    hash sha1
                }
            }
            ike-group FOO0 {
                ikev2-reauth no
                key-exchange ikev2
                lifetime 28800
                proposal 1 {
                    dh-group 2
                    encryption aes256
                    hash sha1
                }
            }
            ipsec-interfaces {
                interface eth0
            }
            nat-networks {
                allowed-network 0.0.0.0/0 {
                }
            }
            nat-traversal enable
            site-to-site {
                peer 40.117.xxx.xx {
                    authentication {
                        mode pre-shared-secret
                        pre-shared-secret MY SECRET
                    }
                    connection-type initiate
                    description Azure_MSDN
                    ike-group FOO0
                    ikev2-reauth inherit
                    local-address 67.xxx.xxx.x
                    tunnel 1 {
                        allow-nat-networks disable
                        allow-public-networks disable
                        esp-group FOO0
                        local {
                            prefix 192.168.25.0/24
                        }
                        remote {
                            prefix 10.4.0.0/14
                        }
                    }
                }
            }
        }
    }
I am also struggling to find any logging of any help...
Anybody see what I'm missing???
The EdgeRouter here is a different public IP and subnet than the Linux box, obviously.