I have two ACM32000 routers that I have an IPSEC Strongswan tunnel between them. It worked well when I had version 19.07.8 but when I upgraded one router to 21.02.1 I did not get the tunnel up.
It was some small problems to upgrade the router to 21.02.1 so I did a new installation because it can always be good to clean the installation. Has done clean installation before and has previously managed to get the VPN tunnel up.
I get this message:
root@OpenWrt:/etc# ipsec status Shunted Connections: passthrough0: 192.168.71.0/24 === 192.168.71.0/24 PASS Security Associations (1 up, 0 connecting): Test_71: ESTABLISHED 2 hours ago, xxx.xxx.217.82[xxx.xxx.217.82]...xxx.xxx.164.154[xxx.xxx.164.154]
There were some changes in the configuration between version 19 and 21 and I had to change the following in / etc / config / networks
OpenWrt version 19
config interface 'ipsec' option ifname 'ipsec0' option proto 'none' option defaultroute '0' option peerdns '0' option ipv6 '0'
OpenWrt version 21
config interface 'ipsec' option device 'ipsec0' option proto 'none' option defaultroute '0' option peerdns '0' option ipv6 '0'
Here is my config of VPN Zone in /etc/config/firewall and I have same config
config zone option name 'vpn' list network 'ipsec' option input 'ACCEPT' option output 'ACCEPT' option forward 'ACCEPT' option masq '1' option mtu_fix '1' config forwarding option src 'vpn' option dest 'lan' config forwarding option src 'lan' option dest 'vpn'
I think I missed some small detail somewhere in the configuration but I can not find it.