The updown.sh script from your link uses the VTI interface. It seems that the VTI interface works on EdgeRouter, but not on OpenWrt so far.
So this is a problem of the OpenWrt configuration. Maybe it needs a special routing configuration?
I tried to reformat the instructions for OpenWrt, but without success. I only got RX packets, but no TX packets. See picture:
You or someone else can try to get VTI interface working. Then I can try to create a new updown.sh script.
Here are my last settings:
add to /etc/ipsec.conf:
mark_in=42
mark_out=42
/etc/strongswan.conf:
# strongswan.conf - strongSwan configuration file
#
# Refer to the strongswan.conf(5) manpage for details
#
# Configuration changes should be made in the included files
charon {
    install_routes=no
    install_virtual_ip=no
    load_modular = yes
    plugins {
        include strongswan.d/charon/*.conf
    }
}
include strongswan.d/*.conf
Terminal:
ip tunnel add ipsec0 local 192.168.1.1 remote <your-server-ip> mode vti key 42
sysctl -w net.ipv4.conf.ipsec0.disable_policy=1
ip link set ipsec0 up
ip route add 10.0.0.0/24 dev ipsec0
/etc/config/network:
config interface 'ipsec'
    option proto 'none'
    option delegate '0'
    option ifname 'ipsec0'
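
Added example, not part of the original post: an offline consistency check for the settings listed above. It verifies that mark_in and mark_out in ipsec.conf equal the key passed to `ip tunnel add`, and that install_routes is set to no in strongswan.conf. The function names and the sample files are constructed for illustration; marks are assumed to be plain values without a mask.

```shell
#!/bin/sh
# Added example: consistency check for the VTI settings in the post.
# conf_value and vti_check are hypothetical helper names, not strongSwan tools.

# Print the value of "key=value" or "key = value" from a file (last match wins).
# Commented-out lines are ignored because the key must be the first token.
conf_value() {  # $1 = file, $2 = key
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*\([^[:space:]#]*\).*/\1/p" "$1" | tail -n 1
}

# Return 0 when both marks equal the VTI key and charon does not install
# its own routes; print each problem found and return 1 otherwise.
vti_check() {  # $1 = ipsec.conf, $2 = strongswan.conf, $3 = VTI key
    rc=0
    for k in mark_in mark_out; do
        v=$(conf_value "$1" "$k")
        if [ "$v" != "$3" ]; then
            echo "MISMATCH: $k is '${v:-unset}' but the VTI key is '$3'"
            rc=1
        fi
    done
    v=$(conf_value "$2" install_routes)
    if [ "$v" != "no" ]; then
        echo "MISMATCH: install_routes is '${v:-unset}', expected 'no'"
        rc=1
    fi
    return $rc
}

# Constructed sample files that mirror the settings from the post.
demo_dir=$(mktemp -d)
printf 'conn example\n    mark_in=42\n    mark_out=42\n' > "$demo_dir/ipsec.conf"
printf 'charon {\n    install_routes=no\n    install_virtual_ip=no\n}\n' \
    > "$demo_dir/strongswan.conf"

# Key 42 is the value used in "ip tunnel add ... mode vti key 42".
vti_check "$demo_dir/ipsec.conf" "$demo_dir/strongswan.conf" 42 \
    && echo "OK: marks and install_routes agree with VTI key 42"
rm -rf "$demo_dir"
```

On a router, point the first two arguments at /etc/ipsec.conf and /etc/strongswan.conf.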
