IPsec between Strongswan on AWS and Cisco IOS behind a NAT
My Strongswan:
– Local IP: 172.30.0.37
– Elastic IP: 19.215.188.2
– OS: Ubuntu

My WAN:
– Customer grade broadband Internet
– Public IP: 28.77.250.17
– connect to my fiber optics
– Local gateway IP: 192.168.1.100
– we need to set up port forwarding: UDP ports 4500 and 500, to our router interface 192.168.1.108

My Cisco:
– Cisco 1841
– fa0/1: 192.168.1.108 – connect to My WAN router local interface
– fa0/0: 172.16.8.254 – connect to my local switch / pc

My Strongswan config: /etc/ipsec.conf

config setup
    # strictcrlpolicy=yes
    # uniqueids = no
conn %default
    ikelifetime=1440m
    keylife=60m
    rekeymargin=3m
    keyingtries=1
    keyexchange=ikev1
    authby=secret
conn myremoteoffice
    left=172.30.0.37 #strongswan outside address
    leftsubnet=172.30.0.0/24,0.0.0.0/0 #network behind strongswan
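A quick audit of the settings above, as an added example that is not part of the original post: it parses the visible part of the ipsec.conf, applies the `conn %default` inheritance, and reports the options a reviewer would look at twice. The function names and the choice of findings are assumptions made for this illustration.

```python
# Added example (not the author's code). SAMPLE is the part of /etc/ipsec.conf
# shown on the page; the post is cut off after leftsubnet.
SAMPLE = """\
config setup
    # strictcrlpolicy=yes
    # uniqueids = no
conn %default
    ikelifetime=1440m
    keylife=60m
    rekeymargin=3m
    keyingtries=1
    keyexchange=ikev1
    authby=secret
conn myremoteoffice
    left=172.30.0.37            #strongswan outside address
    leftsubnet=172.30.0.0/24,0.0.0.0/0   #network behind strongswan
"""

def parse_conns(text):
    """Return {conn_name: {key: value}} with 'conn %default' merged into each conn."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()   # '#' starts a comment
        if not line.strip():
            continue
        if not line[0].isspace():              # section header at column 0
            kind, _, name = line.partition(" ")
            current = sections.setdefault(name.strip(), {}) if kind == "conn" else None
        elif current is not None and "=" in line:
            key, _, value = line.strip().partition("=")
            current[key.strip()] = value.strip()
    defaults = sections.pop("%default", {})
    return {name: {**defaults, **opts} for name, opts in sections.items()}

def audit(conns):
    """Return sorted (conn, finding) pairs for settings worth a second look."""
    findings = []
    for name, o in conns.items():
        if o.get("keyexchange") == "ikev1":
            findings.append((name, "IKEv1 in use; prefer ikev2 if the peer supports it"))
        if o.get("authby") in ("secret", "psk"):
            findings.append((name, "pre-shared key auth; use a long random PSK or certificates"))
        for side in ("leftsubnet", "rightsubnet"):
            if "0.0.0.0/0" in [s.strip() for s in o.get(side, "").split(",")]:
                findings.append((name, f"{side} contains 0.0.0.0/0; selector covers all IPv4"))
    return sorted(findings)

if __name__ == "__main__":
    for conn, finding in audit(parse_conns(SAMPLE)):
        print(f"{conn}: {finding}")
```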