<html><body><div style="color:#000; background-color:#fff; font-family:times new roman, new york, times, serif;font-size:12pt"><div><div style="margin-bottom: 1em; padding: 0px; border: 0px; font-size: 14px; vertical-align: baseline; clear: both; word-wrap: break-word; font-family: Arial, 'Liberation Sans', 'DejaVu Sans', sans-serif; line-height: 18px; text-align: left; ">I have configured an Ubuntu 12.04 64-bit server machine on Amazon EC2 to act as a strongSwan IPsec server. I want to connect to it from my Mac OS X Mountain Lion's inbuilt IPsec client. The OS X machine is in my home network.</div><div style="margin-bottom: 1em; padding: 0px; border: 0px; font-size: 14px; vertical-align: baseline; clear: both; word-wrap: break-word; font-family: Arial, 'Liberation Sans', 'DejaVu Sans', sans-serif; line-height: 18px; text-align: left; ">I log into the AWS machine using ssh to ubuntu@public-ip and I provide the private RSA key in the form of a .pem file which I
downloaded when the machine instance was created. The ssh connection works fine but the IPsec connection fails.</div><div style="margin-bottom: 1em; padding: 0px; border: 0px; font-size: 14px; vertical-align: baseline; clear: both; word-wrap: break-word; font-family: Arial, 'Liberation Sans', 'DejaVu Sans', sans-serif; line-height: 18px; text-align: left; ">What credentials/configurations should I provide for an IPsec connection on the Ubuntu server? My OS X machine is behind an ISP-provided modem/router.</div><div style="margin-bottom: 1em; padding: 0px; border: 0px; font-size: 14px; vertical-align: baseline; clear: both; word-wrap: break-word; font-family: Arial, 'Liberation Sans', 'DejaVu Sans', sans-serif; line-height: 18px; text-align: left; ">Here's my /etc/ipsec.conf on the EC2 Ubuntu server:</div><div style="margin-bottom: 1em; padding: 0px; border: 0px; font-size: 14px; vertical-align: baseline; clear: both; word-wrap: break-word; font-family:
Arial, 'Liberation Sans', 'DejaVu Sans', sans-serif; line-height: 18px; text-align: left; "><div style="margin-bottom: 1em; padding: 0px; border: 0px; vertical-align: baseline; clear: both; word-wrap: break-word; ">conn amazonec2</div><div style="margin-bottom: 1em; padding: 0px; border: 0px; vertical-align: baseline; clear: both; word-wrap: break-word; "> authby=secret</div><div style="margin-bottom: 1em; padding: 0px; border: 0px; vertical-align: baseline; clear: both; word-wrap: break-word; "> auto=start</div><div style="margin-bottom: 1em; padding: 0px; border: 0px; vertical-align: baseline; clear: both; word-wrap: break-word; "> forceencaps=yes</div><div style="margin-bottom: 1em; padding: 0px; border: 0px; vertical-align: baseline; clear: both; word-wrap: break-word; "> # use %defaultroute to find our local IP, since it is dynamic</div><div style="margin-bottom: 1em;
padding: 0px; border: 0px; vertical-align: baseline; clear: both; word-wrap: break-word; "> left=%defaultroute</div><div style="margin-bottom: 1em; padding: 0px; border: 0px; vertical-align: baseline; clear: both; word-wrap: break-word; "> # set our ID to our elastic IP</div><div style="margin-bottom: 1em; padding: 0px; border: 0px; vertical-align: baseline; clear: both; word-wrap: break-word; "> leftid=174.129.225.250</div><div style="margin-bottom: 1em; padding: 0px; border: 0px; vertical-align: baseline; clear: both; word-wrap: break-word; "> leftsubnet=10.249.45.0/24 # IP of the VM is 10.249.45.67</div><div style="margin-bottom: 1em; padding: 0px; border: 0px; vertical-align: baseline; clear: both; word-wrap: break-word; "> # set our desired source IP to the Elastic IP. Openswan will create interface address and route</div><div style="margin-bottom: 1em;
padding: 0px; border: 0px; vertical-align: baseline; clear: both; word-wrap: break-word; "> leftsourceip=174.129.225.250</div><div style="margin-bottom: 1em; padding: 0px; border: 0px; vertical-align: baseline; clear: both; word-wrap: break-word; "> right=192.168.1.6 # IP address of the OS X machine</div><div style="margin-bottom: 1em; padding: 0px; border: 0px; vertical-align: baseline; clear: both; word-wrap: break-word; "> rightsubnet=192.168.1.0/24</div><div><br></div></div><div style="margin-bottom: 1em; padding: 0px; border: 0px; font-size: 14px; vertical-align: baseline; clear: both; word-wrap: break-word; font-family: Arial, 'Liberation Sans', 'DejaVu Sans', sans-serif; line-height: 18px; text-align: left; color: rgb(0, 0, 0); background-color: transparent; font-style: normal; ">Appreciate any help and thanks in advance.</div></div></div></body></html>