IKEv2 VPN Client Setup on Debian Squeeze

Recently my company was set up a Windows 2008 VPN server. It is configured to accept only SSTP and IKEv2 protocols.

I did not find any working clients for Linux that uses SSTP protocol, but for IKEv2 strongSwan provides a quite easily configurable and working solution.

To set up the VPN client I did the following:

1. Installed the strongswan-ikev2 package.
# apt-get install strongswan-ikev2

2. Configured the /etc/ipsec.conf file (changed the bold values):

# ipsec.conf - strongSwan IPsec configuration file

# basic configuration

config setup
charonstart=yes
plutostart=yes

# Add connections here.
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
keyexchange=ikev2

conn companyvpn
leftfirewall=yes
leftauth=eap
eap_identity=username
right=serverip
rightauth=pubkey
rightid="C=XX, ST=State, L=Location, O=Organization, OU=OrgUnit, CN=CommonName, E=email"
rightsubnet=192.168.1.0/24
auto=add
leftsourceip=%config

include /var/lib/strongswan/ipsec.conf.inc


3. Set up the password for the user name in the /etc/ipsec.secrets file:
username : EAP "password"

4. Put the certificate of the Certificate Authory into the /etc/ipsec.d/cacerts/ directory to trust the certificates which was created by this CA:
# mv CA.cer /etc/ipsec.d/cacerts/

5. Restart ipsec:
# /etc/init.d/ipsec restart

6. To run the VPN connection type:
# ipsec up companyvpn

7. Use the VPN connection.
8. To stop the VPN connection type:
# ipsec down companyvpn

3 comments:

alfred03white said...

I want to thank you for sharing this configuration to set up VPN client but in future if you ever want to go for some free VPN service, I will suggest you to go for hidemyass vpn review first. I also did the same and it actually helped me to get a VPN of my needs.

Unknown said...

IKEv2 is a VPN protocol and it stands for Internet Key Exchange version 2 and it was developed by Microsoft in partnership with Cisco. The IKEv2 is a tunneling protocol and when you pair it with a suite for authentication such as IPSec then it becomes a true and very solid VPN protocol which is using in FastestVPN.

Elvira Albert said...

Cyber Monday Special Deal - Get Ivacy VPN on this cyber monday for Just $1.34/Month

Best VPN Deal

Use promo code icm10 for discount price