IPSec with IKEv2 setup guide

The following Strogswan configuration is known to work:

Create a config file in your strongswan ipsec.d directory e.g. ivpn.conf with the following

conn ivpn
    keyexchange=ikev2
    right=gb.gw.ivpn.net
    rightid=gb.gw.ivpn.net
    rightsubnet=0.0.0.0/0
    rightauth=pubkey
    leftsourceip=%config
    leftauth=eap-mschapv2
    eap_identity=ivpnaccountID
    auto=start
    dpdaction=restart

Change the right= and rightid= as appropriate for the server you want to connect to. The ivpnaccountID is case-sensitive.

Create a .secrets file e.g. ivpn.secrets in the strongswan ipsec.d directory e.g. ivpn.secrets with the following
```
ivpnaccountID : EAP "ivpn"
```
Note that there is a space either side of the colon :.
Depending on your Linux distribution and version, you may need to download some or all of the following certificates and store them in files located in your strongswan ipsec.d/cacerts directory:

https://letsencrypt.org/certs/letsencryptauthorityx3.pem.txt
https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem.txt
https://letsencrypt.org/certs/trustid-x3-root.pem.txt
https://letsencrypt.org/certs/isrgrootx1.pem.txt
Tell strongswan to restart or reload it’s config.

Spotted a mistake or have an idea on how to improve this page?
Suggest an edit on GitHub.