
I need to create a site-to-site VPN with one server (not on strongSwan). I did everything by this article: https://blog.ruanbekker.com/blog/2018/02/11/setup-a-site-to-site-ipsec-vpn-with-strongswan-and-preshared-key-authentication/

    config setup
            uniqueids=no
            charondebug="cfg 2, dmn 2, ike 2, net 0"

    conn %default
            ikelifetime=86400s
            keylife=3600s
            #rekeymargin=3m
            reauth=yes
            rekey=yes
            rekeyfuzz=0%
            keyingtries=0
            dpdaction=none
            authby=psk

    conn ToACB
            authby=secret
            keyexchange=ikev1
            left=188.77.64.128
            leftsubnet=10.133.78.0/24
            leftid=188.77.64.128
            leftfirewall=yes
            right=82.11.134.146
            rightsubnet=10.3.1.0/24
            rightid=82.11.134.146
            #type=tunnel
            ike=aes256-sha-modp1536!
            esp=aes256-sha-modp1536!
            aggressive=no
            auto=start


    $ sudo cat /etc/ipsec.secrets
    # This file holds shared secrets or RSA private keys for authentication.

    # RSA private key for this host, authenticating it to any other host
    # which knows the public part.

    188.77.64.128 82.11.134.146 : PSK "test77"


    $ ifconfig
    eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
            inet 188.166.64.128  netmask 255.255.192.0  broadcast 188.166.127.255
            inet6 fe80::e8ec:8bff:fe55:79db  prefixlen 64  scopeid 0x20<link>
            ether ea:ec:8b:55:79:db  txqueuelen 1000  (Ethernet)
            RX packets 18737  bytes 82207417 (82.2 MB)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 16074  bytes 1375834 (1.3 MB)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

    lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
            inet 127.0.0.1  netmask 255.0.0.0
            inet6 ::1  prefixlen 128  scopeid 0x10<host>
            loop  txqueuelen 1000  (Local Loopback)
            RX packets 144  bytes 11958 (11.9 KB)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 144  bytes 11958 (11.9 KB)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

I don't have any NAT rules configured, like MASQUERADE.

1 Answer

Does the IKE SA come up in the first instance? Probably not.

If not, then perform tcpdump on the terminating interface to see if packets are arriving.

If this is the case and there is some kind of failed negotiation, then you can check /var/log/ or /var/log/pluto and post what you find there.

Owensteam
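As an added example (not code from the question, the answer, or strongSwan itself), here is a small Python check that parses `conn` sections like the one above and reports inconsistencies worth ruling out before reaching for tcpdump: a `leftid`/`rightid` that does not match `left`/`right`, a malformed or overlapping subnet, and a `left=` address that is not configured on any local interface. The config text and the interface addresses are copied from the question; the function and variable names are my own.

```python
import ipaddress

# Constructed sample input taken from the question above: the ToACB
# conn and the inet addresses shown by ifconfig (no files are read).
IPSEC_CONF = """\
conn ToACB
        left=188.77.64.128
        leftsubnet=10.133.78.0/24
        leftid=188.77.64.128
        right=82.11.134.146
        rightsubnet=10.3.1.0/24
        rightid=82.11.134.146
"""
LOCAL_ADDRS = {"188.166.64.128", "127.0.0.1"}

def parse_conns(text):
    """Return {conn_name: {key: value}} for every 'conn' section."""
    conns, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and whitespace
        if line.startswith("conn "):
            current = conns.setdefault(line.split()[1], {})
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip()
    return conns

def check_conn(name, opts, local_addrs):
    """Return human-readable findings for one conn; an empty list is OK."""
    findings, nets = [], {}
    for side in ("left", "right"):
        addr, ident = opts.get(side, ""), opts.get(side + "id")
        if ident and ident != addr:  # PSK peers normally identify by address
            findings.append(f"{name}: {side}id={ident} differs from {side}={addr}")
        try:
            nets[side] = ipaddress.ip_network(opts[side + "subnet"], strict=True)
        except (KeyError, ValueError) as exc:
            findings.append(f"{name}: bad or missing {side}subnet ({exc})")
    left = opts.get("left", "")
    if not left.startswith("%") and left not in local_addrs:  # %any, %defaultroute
        findings.append(f"{name}: left={left} is not an address on this host")
    if len(nets) == 2 and nets["left"].overlaps(nets["right"]):
        findings.append(f"{name}: leftsubnet and rightsubnet overlap")
    return findings

def run_checks(conf_text=IPSEC_CONF, local_addrs=LOCAL_ADDRS):
    conns = parse_conns(conf_text)
    return [f for n, o in conns.items() for f in check_conn(n, o, local_addrs)]
```

Run `run_checks()` against the sample to list the findings; on a real host, feed it the contents of /etc/ipsec.conf and the set of `inet` addresses from ifconfig.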