On an Ubuntu machine I'm trying to create an IPsec tunnel with the details below:
sudo ip xfrm policy
src 0.0.0.0/0 dst 0.0.0.0/0
socket in priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
socket out priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
socket in priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
socket out priority 0
src ::/0 dst ::/0
socket in priority 0
src ::/0 dst ::/0
socket out priority 0
src ::/0 dst ::/0
socket in priority 0
src ::/0 dst ::/0
socket out priority 0
When ipsec statusall is executed, the output is:
sudo ipsec statusall
Status of IKE charon daemon (strongSwan 5.9.1, Linux 4.15.0-133-generic, x86_64):
uptime: 22 seconds, since Feb 17 12:25:27 2021
malloc: sbrk 1482752, mmap 0, used 377952, free 1104800
worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 0
loaded plugins: charon aes des rc2 sha2 sha1 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp curve25519 xcbc cmac hmac drbg attr kernel-netlink resolve socket-default stroke vici updown xauth-generic counters
Listening IP addresses:
192.168.33.191
10.0.0.5
50.0.0.1
Connections:
tunnel: 50.0.0.1...10.0.0.5 IKEv2, dpddelay=30s
tunnel: local: [C=CH, O=strongSwan, CN=device1] uses public key authentication
tunnel: remote: [C=CH, O=strongSwan, CN=device2] uses public key authentication
tunnel: cert: "C=CH, O=strongSwan, CN=device2"
tunnel: child: 50.0.0.0/24 === 10.0.0.0/24 TUNNEL, dpdaction=restart
Security Associations (0 up, 0 connecting):
none::
I don't understand why the other side isn't connecting, as ipsec.conf has been set and commands like ipsec pki have also been executed and placed in /usr/local/etc/ipsec.d
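
A small triage helper for the ipsec statusall output above, as an added example that is not part of the original post. It parses the listening addresses, the connection endpoints and the SA counts, then lists observations worth checking by hand; the function names and the trimmed sample are assumptions made for illustration.

```python
import re

# Constructed sample: lines copied from the post's output, other lines omitted.
SAMPLE = """\
Listening IP addresses:
192.168.33.191
10.0.0.5
50.0.0.1
Connections:
tunnel: 50.0.0.1...10.0.0.5 IKEv2, dpddelay=30s
tunnel: child: 50.0.0.0/24 === 10.0.0.0/24 TUNNEL, dpdaction=restart
Security Associations (0 up, 0 connecting):
"""

def parse_statusall(text):
    """Extract listening addresses, connection endpoints and SA counts."""
    info = {"listening": [], "connections": {}, "up": None, "connecting": None}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        sa = re.match(r"Security Associations \((\d+) up, (\d+) connecting\)", line)
        if line.startswith("Listening IP addresses:"):
            section = "listen"
        elif line.startswith("Connections:"):
            section = "conn"
        elif sa:
            info["up"], info["connecting"] = int(sa.group(1)), int(sa.group(2))
            section = "sa"
        elif section == "listen" and line:
            info["listening"].append(line)
        elif section == "conn":
            m = re.match(r"(\S+):\s+(\S+)\.\.\.(\S+)\s+IKEv[12]", line)
            if m:  # "<name>: <local>...<remote> IKEv2" header line of a connection
                info["connections"][m.group(1)] = (m.group(2), m.group(3))
    return info

def triage(info):
    """Return observations to check by hand; these are facts, not a diagnosis."""
    notes = []
    if info["up"] == 0 and info["connecting"] == 0:
        notes.append("no IKE SA is up or being negotiated")
    for name, (local, remote) in info["connections"].items():
        if local not in info["listening"]:
            notes.append(f"{name}: local endpoint {local} is not a listening address")
        if remote in info["listening"]:
            notes.append(f"{name}: remote endpoint {remote} is also a local listening address")
    return notes

if __name__ == "__main__":
    print("\n".join(triage(parse_statusall(SAMPLE))))
```

To run it against a live host, pass the text captured from sudo ipsec statusall to parse_statusall() in place of SAMPLE.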