IPSec Road warrior Linux Client

I was wondering if anyone had a basic example for configuring road warrior with Linux CLI.

I managed to get the Strongswan android client connected but having a bit less luck with Linux.

Thought the output could be useful for the wiki.

I agree, however I cannot help unfortunately. I managed to get IPSec working on MacOS but I do not have a linux box.

If you manage to succeed, would you post here your configuration?

I managed to get charon-cmd working using the following command example:

sudo charon-cmd --host hostname --identity remoteid --cert cacert.pem --p12 example.p12

where the identity is specified in the ipfire connection configuration…e.g REMOTE ID: @remoteid.

Additionally, both cacert.pem and example.p12 are stored in the directory this command is run from.

Also, the below ipsec.conf works for running as system process. As above, local / remote ids are specified and cacert / p12 files are stored in the following locations:


# ipsec.conf - strongSwan IPsec configuration file

# basic configuration
config setup
conn ikev2
        leftid=remoteid #e.g. REMOTE ID: @remoteid
        right=hostname # server hostname
        rightid=localid #e.g. LOCAL ID: @localid

1 Like