I'm Leo come from China, because our GOV we can't vist Internet as wish as you like, but we have other way to do it so I can meet you here!!!
I'm just a new guy come here, I want to thank you very much if you can give me a hand with StrongSwan on OpenWRT. Because I try many many days and work hard but still can't connect it success!
I want to setup a l2tp over ipsec client on openwrt use strongswan, I install every thing to a desktop and it can work well as a router.
My environment is:
1.OpenWrt 19.07.1, r10911-c155900f66
2.Starting strongSwan 5.8.2
I setup router as this link said http://villasyslog.net/openwrt-pptp-l2tp-ikev2-setup-strongswan-vpn-client/
But it can't work, so I change some parameter and test again and aging......
Still can't connect success, so I come here ask for help and show your about detail.
**file1: /etc/ipsec.conf** basic configuration config setup strictcrlpolicy=yes uniqueids = no charondebug=all Add connections here. conn %default ikelifetime=60m keylife=20m rekeymargin=3m keyingtries=1 keyexchange=ikev1 (I try ikev2 first but can't work, then I use google that a lot of people use ikev1 for this, but still can't connect) Sample VPN connections conn L2TP-PSK authby=secret leftauth=psk auto=add keyingtries=3 dpddelay=30 dpdtimeout=120 dpdaction=clear rekey=yes ikelifetime=8h keylife=1h type=transport left=%defaultroute leftprotoport=17/1701 [right=xx.xx.com](http://right%3Dxx.xx.com/) (It can't use IP to setup because the server IP change everyday) rightauth=psk [rightid=xx.xx.com](http://rightid%3Dxx.xx.com/) rightprotoport=17/1701 auto=start dpddelay=40 dpdtimeout=130 dpdaction=clear **file2:/etc/ipsec.secrets** /etc/ipsec.secrets - strongSwan IPsec secrets file [xx.xx.com](http://xx.xx.com/) : PSK "xxxxxx" **file3:/etc/xl2tpd/xl2tpd.conf** [global] port = 1701 auth file = /etc/xl2tpd/xl2tp-secrets access control = no [lac strong-vpn] lns = [xx.xx.com](http://xx.xx.com/) ppp debug = yes pppoptfile = /etc/ppp/options.l2tpd.client length bit = yes bps = 1000000 **file4:/etc/ppp/options.l2tpd.client** ipcp-accept-local ipcp-accept-remote require-pap (I try to setup vpn client on my TPLINK router and I see log is PAP Aut, but it can't show me more for detail) noccp noauth idle 1800 mtu 1400 (See this value from TPLINK log too) mru 1400 defaultroute replacedefaultroute usepeerdns debug connect-delay 5000 name "user" password "password" lcp-echo-interval 20 lcp-echo-failure 5