Hi,
I am trying to setup a VPN server on openWRT x86 platform.
The VPN server will serve both site-to-site and remote access vpn.
To accomplish this- I am using strongSwan 5.6.3 along with xl2tpd for
the remote access vpn part.
Why not IKEv2 with IPsec in tunnel mode without IKEv1 and L2TP?
Issue is when I load kmod-libipsec in charon I can't establish the l2tp
connection.
Definitely not if you have to use transport mode as libipsec only
supports tunnel mode (see the error messages in the log). If you can't
change the config accordingly, you can't use libipsec.
Meanwhile there is ipsec0 interface in the ifconfig and site to site
tunnel works.
If kmod-libipsec is not loaded remote vpn works but cant establish the
site to site vpn part.
Why is that? You should be able to set up a site-to-site tunnel without
issues using the kernel's IPsec implementation.
Regards,
Tobias
