| 90.10. Ubuntu Strongswan VPN Client with IKEv2 Mode | ||
|---|---|---|
 | Chapter 90. IPsec clients |  |
| 90.10. Ubuntu Strongswan VPN Client with IKEv2 Mode | ||
|---|---|---|
| | Chapter 90. IPsec clients | |
You need to install network-manager-strongswan, then configure it through network manager.
sudo apt install network-manager-strongswanThis table show the parameters of Ubuntu Strongswan VPN Client and their corresponding parameters in Abilis configuration.
Table 90.11. Checklist of parameters
| The Ubuntu Strongswan VPN client parameter | Abilis IKE Table | Abilis IKE Table parameter |
|---|---|---|
| Server Address | HOST | LOC-IP |
| Server Identity | HOST | ID |
| Client Identity | HOST | PEER-ID |
| Client Password | PSK | KEY |
Please enter the following commands to configure the VPN in Abilis. Refer to Section 83.19.1, “How to configure a RAS using IPSEC VPN server” to for the configuration of IPsec and IKE resources.
[14:51:53] ABILIS_CPX:a ike host:10 mode:ike2 locip:80.80.80.80 remip:* side:inside hash:sha256 ID-TYPE:FQDN id:abilis peer-id-type:FQDN peer-id:ubuntu name:Ubuntu_IKE2COMMAND EXECUTED [14:55:35] ABILIS_CPX:a ike cli:10 host:10 net-loc:0.0.0.0/0 net-rem:10.0.2.10/32 pfs:no name:Ubuntu_IKE2_CliCOMMAND EXECUTED [14:55:44] ABILIS_CPX:a ike psk:10 key:24ubuntu20ike2pskey$ peer-id-type:fqdn peer-id:ubuntuCOMMAND EXECUTED
![[Caution]](../images/caution.png) | Caution |
|---|---|
To activate the changes made, execute the initialization command init res:ike. |
To view the configuration made above, use the following commands.
[14:57:49] ABILIS_CPX:d ike host:10 -cli------------------------------------------------------------------------------- HOST: NAME: LIFETIME: HASH: DPD: DPD-ACTION: LOCIP: NATT: MODE: MODE-CFG: DH: DPD-DELAY: REMIP: SIDE: AUTH: AUTH2: CIPHER: SA-TRY: DPD-TOUT: AUTH2-USER: AUTH2-PWD: -- ID ------------------------------------------------------------------- ID-TYPE: IP:/ID: PEER-ID-TYPE: PEER-IP:/PEER-ID: -- RSA Cert ------------------------------------------------------------- CERT-SEND: ASN1-DN: CERT-PEER: PEER-ASN1-DN: CERT-VERIFY: ------------------------------------------------------------------------------- 10 Ubuntu_IKE2 3600 SHA256 YES STOP 080.080.080.080 YES IKE2 MODP2048 30 * INSIDE PSK NO AES256 3 120 -- ID ------------------------------------------------------------------- FQDN abilis FQDN ubuntu ------------------------------------------------------------------------------- IKE Clients: ------------------------------------------------------------------------------- CLI: NAME: LIFETIME: ESP: AH: HOST: NET-LOC: RULE: PASSIVE: PFS: ESP-AUTH: AH-AUTH: NET-REM: PERMANENT: TUNNEL: ESP-CIPHER: MODE-CFG-DNS: ------------------------------------------------------------------------------- 10 Ubuntu_IKE2_Cli 28800 YES NO 10 000.000.000.000/00 IPSEC YES NO SHA1 SHA1 010.000.002.010/32 YES YES AES256 SYS ------------------------------------------------------------------------------- [14:57:52] ABILIS_CPX:d ike psk:10------------------------------------------------------------------------------- PSK: KEY: PEER-ID-TYPE: PEER-IP:/PEER-ID: ------------------------------------------------------------------------------- 10 ******** FQDN ubuntu
To configure an Ubuntu Strongswan VPN connection with Abilis, follow these settings:
Now you need to left click on your network manager applet (Located in your notification area) And choose "Settings":
In the Ubuntu settings, go to Networks.
In the VPN section, press the + button and choose VPN connection type as "IPsec/IKEv2(strongswan)":
Enter Abilis details and click "Save".
To connect, tap the indicators in the upper right corner and select "VPN Off" » Connect (if you have multiple VPN connections set up, you'll need to select the appropriate one).
| |  | |
| 90.9. Ubuntu Cisco VPN Client with Aggressive Mode |  | 90.11. Windows native VPN Client with IKEv2 Mode |
![[Tip]](../images/tip.png)