The following Strogswan configuration is known to work

  1. Create a config file in your strongswan ipsec.d directory e.g. ivpn.conf with the following
    conn ivpn
        keyexchange=ikev2
        right=gb.gw.ivpn.net
        rightid=gb.gw.ivpn.net
        rightsubnet=0.0.0.0/0
        rightauth=pubkey
        leftsourceip=%config
        leftauth=eap-mschapv2
        eap_identity=ivpnUserName
        auto=start
        dpdaction=restart
    Change the right= and rightid= as appropriate for the server you want to connect to.
  2. Create a .secrets file e.g. ivpn.secrets in the strongswan ipsec.d directory e.g. ivpn.secrets with the following
    ivpnUserName : EAP "YourPassWord"
    Note that there is a space either side of the colon :.
  3. You may need to download this CA certificate and store it in a file located in your strongswan ipsec.d/cacerts directory.
  4. Tell strongswan to restart or reload it's config.
Was this answer helpful?

Can you please tell us how we can improve this article?