
<!DOCTYPE html>
<html lang="en-US" prefix="og: http://ogp.me/ns#">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width">
<title>strongSwan 5 based IPSec VPN, Ubuntu 14.04 LTS and PSK/XAUTH | trick77.com</title>
</head>
<body class="single single-post postid-4821 single-format-standard">
<div id="wrapper-one">
<div id="wrapper-two">
<div id="wrapper-three">
<div id="page" class="hfeed site">
<div id="inner-container">
<div id="main" class="site-main">
<div class="responsive-container">
<div class="content-container">
<div id="primary" class="content-area">
<div id="content" class="site-content" role="main">
<article id="post-4821" class="post-4821 post type-post status-publish format-standard hentry category-security category-web tag-linux tag-how-to tag-ios tag-os-x tag-ubuntu tag-vpn tag-strongswan">
<header class="entry-header">
<h1 class="entry-title">strongSwan 5 based IPSec VPN, Ubuntu 14.04 LTS and PSK/XAUTH</h1>
<div class="entry-meta">
<span class="posted-on">Posted on <a href="index.html" title="16:31" rel="bookmark"><time class="entry-date published updated" datetime="2014-05-04T16:31:45+00:00">May 4, 2014</time></a></span><span class="byline"> by <span class="author vcard"><a class="url fn n" href="https://trick77.com/author/trick77/" title="View all posts by Jan">Jan</a></span></span> </div><!-- .entry-meta -->
</header><!-- .entry-header -->
<div class="entry-content">
<p>I prefer strongSwan over Openswan because it&#8217;s still in active development, easier to setup and doesn&#8217;t require a L2TP daemon. I prefer a simple IKEv1 setup using PSK and XAUTH over certificates. If you plan to share your VPN server with your friends it&#8217;s also a lot easier to setup for them without certificates. I haven&#8217;t tried the VPN configuration below with non-Apple clients but it works well with iOS and OS X clients. Make sure to use the Cisco IPSec VPN profile, not the L2TP over IPSec profile you need for Openswan. While strongSwan works well with KVM and Xen containers, it probably won&#8217;t work with non-virtualised containers like OpenVZ or LXC.<span id="more-4821"></span></p>
<p>strongSwan 5 has been modularised in Ubuntu 14.04 so we need to install the required plugins using apt-get as well:</p>
<pre>apt-get install strongswan strongswan-plugin-xauth-generic</pre>
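<p>/etc/ipsec.secrets (replace 123.123.123.123 with the server&#8217;s public IP address). This file stores the PSK and every XAUTH password in clear text, so keep it owned by root and unreadable to other users (mode 600), and pick a long random PSK because all users share it:</p>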
<pre>123.123.123.123 %any : PSK "replace but leave the quotes"
jan : XAUTH "janspassword"
someone : XAUTH "anotherpassword"
</pre>
<p>/etc/ipsec.conf</p>
<pre class="brush: plain; title: ; notranslate" title="">
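# /etc/ipsec.conf - strongSwan as IKEv1 responder for the iOS / OS X "Cisco IPSec" client.
# Parameter lines must begin with whitespace to belong to the section header above them.
config setup
    # CRL caching applies to certificate checks.
    # NOTE(review): probably has no effect in this PSK-only setup - confirm.
    cachecrls=yes
    uniqueids=yes

conn ios
    keyexchange=ikev1
    # Group PSK plus a per-user XAUTH password. The gateway is authenticated by the PSK alone,
    # and every user knows that PSK, so any user could pose as this gateway to the others.
    # Acceptable among trusted friends; use certificates where users do not trust each other.
    # NOTE(review): no ike= or esp= proposals are set, so the installed version's defaults apply - review them.
    authby=xauthpsk
    xauth=server
    left=%defaultroute
    # 0.0.0.0/0 on the server side routes all client traffic through the tunnel.
    leftsubnet=0.0.0.0/0
    # Lets strongSwan add and remove the iptables rules for tunnelled traffic itself.
    leftfirewall=yes
    right=%any
    rightsubnet=10.7.0.0/24
    # Pool of virtual addresses handed out to clients.
    rightsourceip=10.7.0.2/24
    # DNS server pushed to clients. 4.2.2.1 is a third-party public resolver and will see
    # every client lookup; substitute a resolver you trust if that matters.
    rightdns=4.2.2.1
    auto=add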
</pre>
<p>That&#8217;s already all we need for strongSwan. Restart it using</p>
<pre>service strongswan restart</pre>
<p>Make sure to allow IPv4 packet forwarding in /etc/sysctl.conf:</p>
<pre>net.ipv4.ip_forward=1</pre>
<p>And reload the changes using:</p>
<pre>sysctl -p</pre>
<p>We also need a NAT rule:</p>
<pre>
# VPN NAT
# Rewrites the source address of packets from 10.0.0.0/8 that leave through eth0 to the server's own address.
# NOTE(review): eth0 is hard-coded - confirm it is the server's public interface.
/sbin/iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -o eth0 -j MASQUERADE
</pre>
<p>I&#8217;m NATing the entire 10/8 for VPN usage and assigning a different /24 to each VPN software package. This way I need just one NAT rule for everything.</p>
<p>Here&#8217;s a sample inbound-only firewall script which also covers OpenVPN and Iodine ports:</p>
<pre class="brush: plain; title: ; notranslate" title="">
#!/bin/sh
# Sample IPv4 host firewall for the VPN server: default-deny on INPUT and FORWARD, then
# explicit accepts for SSH, HTTP(S), DNS, OpenVPN and IPsec, followed by the VPN NAT rule.
# Rule order matters: -A appends in the order written, -I inserts at the top of the chain.
# NOTE(review): only iptables (IPv4) is configured; if the host has IPv6 connectivity it
# needs its own ip6tables policy, otherwise IPv6 traffic is not filtered by this script.
# Flush old rules, old custom chains (filter table, then nat table)
# NOTE(review): this presumably also removes forwarding rules strongSwan inserted for live
# tunnels via leftfirewall=yes - confirm, and run the script before starting strongSwan.
/sbin/iptables --flush
/sbin/iptables --flush -t nat
/sbin/iptables --delete-chain
# Set default policies for all three default chains
/sbin/iptables -P INPUT DROP
/sbin/iptables -P FORWARD DROP
/sbin/iptables -P OUTPUT ACCEPT
# Enable free use of loopback interfaces
/sbin/iptables -A INPUT -i lo -j ACCEPT
/sbin/iptables -A OUTPUT -o lo -j ACCEPT
# Allow VPN forwarding on tun* interfaces (presumably OpenVPN) and dns* interfaces (presumably Iodine)
# NOTE(review): IPsec client traffic does not match these interface rules; with FORWARD
# policy DROP it depends on rules added elsewhere (presumably leftfirewall=yes) - verify.
/sbin/iptables -A FORWARD -i tun+ -j ACCEPT
/sbin/iptables -A FORWARD -o tun+ -j ACCEPT
/sbin/iptables -A FORWARD -i dns+ -j ACCEPT
/sbin/iptables -A FORWARD -o dns+ -j ACCEPT
# Accept limited inbound ICMP messages
# Both rules use -I, so they sit at the top of INPUT in reverse order: the --update rule is
# evaluated first and drops a source that sent 10 or more echo-requests within 5 seconds,
# then the --set rule records the source and lets the packet continue down the chain.
/sbin/iptables -I INPUT -p icmp --icmp-type echo-request -m recent --set
/sbin/iptables -I INPUT -p icmp --icmp-type echo-request -m recent --update --seconds 5 --hitcount 10 -j DROP
# This accepts every ICMP type that was not dropped above, not only echo-request.
/sbin/iptables -A INPUT -p icmp -j ACCEPT
# All TCP sessions should begin with SYN
/sbin/iptables -A INPUT -p tcp ! --syn -m state --state NEW -s 0/0 -j DROP
# Accept inbound TCP packets: replies to existing connections, then new SSH, HTTP and HTTPS
# NOTE(review): SSH is reachable from any source address; add -s if the admin ranges are known.
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 80 -m state --state NEW -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 443 -m state --state NEW -j ACCEPT
# Accept inbound UDP packets: 53 (DNS, presumably for Iodine) and 1194 (OpenVPN)
# NOTE(review): drop the port 53 rule if no DNS-based service is meant to be public.
/sbin/iptables -A INPUT -p udp -m udp --dport 53 -j ACCEPT
/sbin/iptables -A INPUT -p udp -m udp --dport 1194 -j ACCEPT
# Accept IPSEC packets
# ESP is IP protocol 50, so the -p esp and -p 50 rules match the same traffic; 51 is AH.
# UDP 500 carries IKE and UDP 4500 carries IKE/ESP when NAT traversal is in use.
/sbin/iptables -A INPUT -p esp -j ACCEPT
/sbin/iptables -A INPUT -p 50 -j ACCEPT
/sbin/iptables -A INPUT -p 51 -j ACCEPT
/sbin/iptables -A INPUT -p udp --dport 500 -j ACCEPT
/sbin/iptables -A INPUT -p udp --dport 4500 -j ACCEPT
# VPN NAT
# Masquerades everything sourced from 10.0.0.0/8 that leaves through eth0 (hard-coded interface name).
/sbin/iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -o eth0 -j MASQUERADE
</pre>
</div><!-- .entry-content -->
<footer class="entry-meta-bottom">
<div class="entry-meta-bottom-item">Categories : <a href="https://trick77.com/category/security/" rel="category tag">Security</a> <a href="https://trick77.com/category/web/" rel="category tag">Web</a></div><div class="entry-meta-bottom-item">Tags : <a href="https://trick77.com/tag/linux/" rel="tag">linux</a> <a href="https://trick77.com/tag/how-to/" rel="tag">how-to</a> <a href="https://trick77.com/tag/ios/" rel="tag">ios</a> <a href="https://trick77.com/tag/os-x/" rel="tag">os x</a> <a href="https://trick77.com/tag/ubuntu/" rel="tag">ubuntu</a> <a href="https://trick77.com/tag/vpn/" rel="tag">vpn</a> <a href="https://trick77.com/tag/strongswan/" rel="tag">strongswan</a></div><div class="entry-meta-bottom-item">Bookmark the <a href="index.html" title="Permalink to strongSwan 5 based IPSec VPN, Ubuntu 14.04 LTS and PSK/XAUTH" rel="bookmark">permalink</a></div>
</footer><!-- .entry-meta -->
</article><!-- #post-## -->
<div id="comments" class="comments-area">
<h2 class="comments-title">
11 thoughts on &ldquo;<span>strongSwan 5 based IPSec VPN, Ubuntu 14.04 LTS and PSK/XAUTH</span>&rdquo; </h2>
<ol class="comment-list">
<li id="comment-10981" class="comment even thread-even depth-1">
<article id="div-comment-10981" class="comment-body">
<div class="comment-author vcard">
<div class="comment-author-image">
</div>
<div class="comment-author-name">
<div>
<cite class="fn">Nate</cite> </div>
<div>
<a href="index.html#comment-10981">
<time datetime="2014-05-06T11:42:51+00:00">
May 6, 2014 at 11:42 </time>
</a>
</div>
<div>
</div>
<div>
</div>
</div>
</div>
<div class="comment-content">
<p>Hi,</p>
<p>I have followed your guide on setting this up on Ubuntu 14.04 and I&#8217;m having an issue with authentication.</p>
<p>When trying to connect the VPN from my iPhone I get the following error &#8220;VPN Connection &#8211; User authentication failed.&#8221; almost immediately.</p>
<p>Specifying the wrong secret on the iPhone client yields a longer time-out before a different error, so seems that this has been set correctly.</p>
<p>auth.log is showing &#8220;localhost charon: 01[IKE] 220.233.42.xxx is initiating a Main Mode IKE_SA&#8221; when trying to connect. There are no other errors showing in this log file when the connection fails to authenticate.</p>
<p>Is this just a case that I have not specified the xauth user somewhere? I have tried this with two accounts setup on the ubuntu server (including root).</p>
<p>Any pointers you can provide would be appreciated.</p>
</div><!-- .comment-content -->
</article><!-- .comment-body -->
</li><!-- #comment-## -->
<li id="comment-10982" class="comment byuser comment-author-trick77 bypostauthor odd alt thread-odd thread-alt depth-1">
<article id="div-comment-10982" class="comment-body">
<div class="comment-author vcard">
<div class="comment-author-image">
</div>
<div class="comment-author-name">
<div>
<cite class="fn"><a href='https://trick77.com/' rel='external nofollow' class='url'>Jan</a></cite> </div>
<div>
<a href="index.html#comment-10982">
<time datetime="2014-05-06T12:12:18+00:00">
May 6, 2014 at 12:12 </time>
</a>
</div>
<div>
</div>
<div>
</div>
</div>
</div>
<div class="comment-content">
<p>Nate, I accidentally truncated a line in ipsec.secrets. Yes, you&#8217;re right, the XAUTH entry was missing. Thanks for the heads up!</p>
<p>Cheers,<br />
Jan</p>
</div><!-- .comment-content -->
</article><!-- .comment-body -->
</li><!-- #comment-## -->
<li id="comment-10983" class="comment even thread-even depth-1 parent">
<article id="div-comment-10983" class="comment-body">
<div class="comment-author vcard">
<div class="comment-author-image">
</div>
<div class="comment-author-name">
<img alt='' src='../../secure.gravatar.com/avatar/4a2de3bb43bea0be1e4b588deb8f3a9a?s=96&amp;d=mm&amp;r=r' srcset='https://secure.gravatar.com/avatar/4a2de3bb43bea0be1e4b588deb8f3a9a?s=192&amp;d=mm&amp;r=r 2x' class='avatar avatar-96 photo' height='96' width='96' /> <div>
<cite class="fn">Nate</cite> </div>
<div>
<a href="index.html#comment-10983">
<time datetime="2014-05-06T13:49:53+00:00">
May 6, 2014 at 13:49 </time>
</a>
</div>
<div>
</div>
<div>
</div>
</div>
</div>
<div class="comment-content">
<p>Thanks!! added the user details to ipsec.secrets, restarted the strongswan service and I was able to authenticate.</p>
<p>I&#8217;m glad it was something trivial! </p>
<p>Thanks for the help.</p>
</div><!-- .comment-content -->
</article><!-- .comment-body -->
<ul class="children">
<li id="comment-11691" class="comment odd alt depth-2">
<article id="div-comment-11691" class="comment-body">
<div class="comment-author vcard">
<div class="comment-author-image">
</div>
<div class="comment-author-name">
<img alt='' src='../../secure.gravatar.com/avatar/1ab81e4707051c4810e68c8844de0882?s=96&amp;d=mm&amp;r=r' srcset='https://secure.gravatar.com/avatar/1ab81e4707051c4810e68c8844de0882?s=192&amp;d=mm&amp;r=r 2x' class='avatar avatar-96 photo' height='96' width='96' /> <div>
<cite class="fn">binar</cite> </div>
<div>
<a href="index.html#comment-11691">
<time datetime="2015-01-20T23:21:54+00:00">
January 20, 2015 at 23:21 </time>
</a>
</div>
<div>
</div>
<div>
</div>
</div>
</div>
<div class="comment-content">
<p>Guys, I don&#8217;t get what ipsec.secrets should look like. Can you post a working example?<br />
Btw, I have the same error as Nate had.<br />
Regards</p>
</div><!-- .comment-content -->
</article><!-- .comment-body -->
</li><!-- #comment-## -->
</ul><!-- .children -->
</li><!-- #comment-## -->
<li id="comment-11599" class="comment even thread-odd thread-alt depth-1 parent">
<article id="div-comment-11599" class="comment-body">
<div class="comment-author vcard">
<div class="comment-author-image">
</div>
<div class="comment-author-name">
<img alt='' src='../../secure.gravatar.com/avatar/f5fc0df397dbcb00b0a89556106fa10a?s=96&amp;d=mm&amp;r=r' srcset='https://secure.gravatar.com/avatar/f5fc0df397dbcb00b0a89556106fa10a?s=192&amp;d=mm&amp;r=r 2x' class='avatar avatar-96 photo' height='96' width='96' /> <div>
<cite class="fn">Kelvin</cite> </div>
<div>
<a href="index.html#comment-11599">
<time datetime="2014-11-07T17:44:42+00:00">
November 7, 2014 at 17:44 </time>
</a>
</div>
<div>
</div>
<div>
</div>
</div>
</div>
<div class="comment-content">
<p>Hi!</p>
<p>I used your ipsec.conf and when I try to start Strongswan it gave me this error:<br />
start: Job failed to start</p>
<p>I then typed ipsec start and I get the following error:<br />
Starting strongSwan 5.1.2 IPsec [starter]&#8230;<br />
/etc/ipsec.conf:6: syntax error, unexpected FIRST_SPACES [ ]<br />
unable to start strongSwan -- fatal errors in config</p>
</div><!-- .comment-content -->
</article><!-- .comment-body -->
<ul class="children">
<li id="comment-11663" class="comment odd alt depth-2">
<article id="div-comment-11663" class="comment-body">
<div class="comment-author vcard">
<div class="comment-author-image">
</div>
<div class="comment-author-name">
<img alt='' src='../../secure.gravatar.com/avatar/0734a5f277b6264118ab31b4e6c85c5b?s=96&amp;d=mm&amp;r=r' srcset='https://secure.gravatar.com/avatar/0734a5f277b6264118ab31b4e6c85c5b?s=192&amp;d=mm&amp;r=r 2x' class='avatar avatar-96 photo' height='96' width='96' /> <div>
<cite class="fn">Franz</cite> </div>
<div>
<a href="index.html#comment-11663">
<time datetime="2014-12-26T14:48:08+00:00">
December 26, 2014 at 14:48 </time>
</a>
</div>
<div>
</div>
<div>
</div>
</div>
</div>
<div class="comment-content">
<p>I had the same problem. Deleting all file contents and just pasting the new configuration into the file solved the problem for me.</p>
</div><!-- .comment-content -->
</article><!-- .comment-body -->
</li><!-- #comment-## -->
</ul><!-- .children -->
</li><!-- #comment-## -->
<li id="comment-11600" class="comment byuser comment-author-trick77 bypostauthor even thread-even depth-1">
<article id="div-comment-11600" class="comment-body">
<div class="comment-author vcard">
<div class="comment-author-image">
</div>
<div class="comment-author-name">
<img alt='' src='../../secure.gravatar.com/avatar/6fc13d445505cbb627ba5a06afea7efb?s=96&amp;d=mm&amp;r=r' srcset='https://secure.gravatar.com/avatar/6fc13d445505cbb627ba5a06afea7efb?s=192&amp;d=mm&amp;r=r 2x' class='avatar avatar-96 photo' height='96' width='96' /> <div>
<cite class="fn"><a href='https://trick77.com/' rel='external nofollow' class='url'>Jan</a></cite> </div>
<div>
<a href="index.html#comment-11600">
<time datetime="2014-11-07T18:38:21+00:00">
November 7, 2014 at 18:38 </time>
</a>
</div>
<div>
</div>
<div>
</div>
</div>
</div>
<div class="comment-content">
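<p>Kelvin, looks like some sort of copy-paste problem. Check for wrong indentation and things like that: in ipsec.conf, section lines such as <code>conn</code> have to start in the first column and the parameters below them have to be indented. </p>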
<p>Cheers,<br />
Jan</p>
</div><!-- .comment-content -->
</article><!-- .comment-body -->
</li><!-- #comment-## -->
<li id="comment-11684" class="comment odd alt thread-odd thread-alt depth-1">
<article id="div-comment-11684" class="comment-body">
<div class="comment-author vcard">
<div class="comment-author-image">
</div>
<div class="comment-author-name">
<img alt='' src='../../secure.gravatar.com/avatar/25c38e5c3aad5c3bd20f103de7624c9c?s=96&amp;d=mm&amp;r=r' srcset='https://secure.gravatar.com/avatar/25c38e5c3aad5c3bd20f103de7624c9c?s=192&amp;d=mm&amp;r=r 2x' class='avatar avatar-96 photo' height='96' width='96' /> <div>
<cite class="fn">Robert Charlton</cite> </div>
<div>
<a href="index.html#comment-11684">
<time datetime="2015-01-15T19:49:20+00:00">
January 15, 2015 at 19:49 </time>
</a>
</div>
<div>
</div>
<div>
</div>
</div>
</div>
<div class="comment-content">
<p>Hi,</p>
<p>I have followed the guide. My Android phone connects no problems, however once it&#8217;s connected I still can&#8217;t ping anything.<br />
Can&#8217;t ping either of the interfaces eth0 (external) or eth1 (internal) and can&#8217;t ping the phone either. It gets an IP and I can see the rule appear in /var/log/syslog. Any chance you could help?<br />
I have setup exactly as above&#8230;</p>
<p>Help!!</p>
<p>Thanks<br />
Rob</p>
</div><!-- .comment-content -->
</article><!-- .comment-body -->
</li><!-- #comment-## -->
<li id="comment-11757" class="comment even thread-even depth-1 parent">
<article id="div-comment-11757" class="comment-body">
<div class="comment-author vcard">
<div class="comment-author-image">
</div>
<div class="comment-author-name">
<img alt='' src='../../secure.gravatar.com/avatar/c69a8394cafe2f5d0e0496331c175034?s=96&amp;d=mm&amp;r=r' srcset='https://secure.gravatar.com/avatar/c69a8394cafe2f5d0e0496331c175034?s=192&amp;d=mm&amp;r=r 2x' class='avatar avatar-96 photo' height='96' width='96' /> <div>
<cite class="fn">mike leighton</cite> </div>
<div>
<a href="index.html#comment-11757">
<time datetime="2015-03-11T05:37:47+00:00">
March 11, 2015 at 05:37 </time>
</a>
</div>
<div>
</div>
<div>
</div>
</div>
</div>
<div class="comment-content">
<p>I followed your easy through instructions all the way. Both my android and ios can connect to the server, however there is no data going through……any directions you wanna point me to? very much appreciated mate.</p>
</div><!-- .comment-content -->
</article><!-- .comment-body -->
<ul class="children">
<li id="comment-11760" class="comment byuser comment-author-trick77 bypostauthor odd alt depth-2">
<article id="div-comment-11760" class="comment-body">
<div class="comment-author vcard">
<div class="comment-author-image">
</div>
<div class="comment-author-name">
<img alt='' src='../../secure.gravatar.com/avatar/6fc13d445505cbb627ba5a06afea7efb?s=96&amp;d=mm&amp;r=r' srcset='https://secure.gravatar.com/avatar/6fc13d445505cbb627ba5a06afea7efb?s=192&amp;d=mm&amp;r=r 2x' class='avatar avatar-96 photo' height='96' width='96' /> <div>
<cite class="fn"><a href='https://trick77.com/' rel='external' class='url'>Jan</a></cite> </div>
<div>
<a href="index.html#comment-11760">
<time datetime="2015-03-11T20:21:37+00:00">
March 11, 2015 at 20:21 </time>
</a>
</div>
<div>
</div>
<div>
</div>
</div>
</div>
<div class="comment-content">
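<p>Mike, four things come to mind:<br />
a) It&#8217;s just a DNS problem, <code>ping 8.8.8.8</code> may be working<br />
b) MASQUERADE rule issue<br />
c) Packet forwarding is not enabled<br />
d) Try <code>iptables -P INPUT ACCEPT &amp;&amp; iptables -P FORWARD ACCEPT</code> as well just to make sure it&#8217;s not a firewall issue. This switches the default policy of both chains to ACCEPT, so anything your rules don&#8217;t explicitly drop gets through: use it only for the test and set the previous policies again afterwards.</p>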
<p>But other than that, I don&#8217;t know.</p>
<p>Cheers,<br />
Jan</p>
</div><!-- .comment-content -->
</article><!-- .comment-body -->
</li><!-- #comment-## -->
</ul><!-- .children -->
</li><!-- #comment-## -->
<li id="comment-12236" class="comment even thread-odd thread-alt depth-1">
<article id="div-comment-12236" class="comment-body">
<div class="comment-author vcard">
<div class="comment-author-image">
</div>
<div class="comment-author-name">
<img alt='' src='../../secure.gravatar.com/avatar/89fa829134c386858ebad16bc9e3a06c?s=96&amp;d=mm&amp;r=r' srcset='https://secure.gravatar.com/avatar/89fa829134c386858ebad16bc9e3a06c?s=192&amp;d=mm&amp;r=r 2x' class='avatar avatar-96 photo' height='96' width='96' /> <div>
<cite class="fn">jly2680</cite> </div>
<div>
<a href="index.html#comment-12236">
<time datetime="2015-07-08T18:13:48+00:00">
July 8, 2015 at 18:13 </time>
</a>
</div>
<div>
</div>
<div>
</div>
</div>
</div>
<div class="comment-content">
<p>you need to compile strongswan with <code>--enable-kernel-libipsec</code></p>
</div><!-- .comment-content -->
</article><!-- .comment-body -->
</li><!-- #comment-## -->
</ol><!-- .comment-list -->
</div><!-- #comments -->
</div><!-- #content -->
</div><!-- #primary -->
</div><!-- .content-container -->
</div><!-- .Responsive-Container -->
</div><!-- #main -->
</div><!-- #inner-container -->
</div><!-- #page -->
</div><!-- #wrapper-one -->
</div><!-- #wrapper-two -->
</div><!-- #wrapper-three -->
<script type='text/javascript' src='../wp-content/plugins/syntaxhighlighter/syntaxhighlighter3/scripts/shCore.js?ver=3.0.9b'></script>
<script type='text/javascript' src='../wp-content/plugins/syntaxhighlighter/syntaxhighlighter3/scripts/shBrushPlain.js?ver=3.0.9b'></script>
<script type='text/javascript'>
// Load the SyntaxHighlighter core and theme stylesheets, then set the
// highlighter's UI strings and defaults and start it.
// NOTE(review): both stylesheet URLs are absolute https://trick77.com
// addresses, unlike the relative script paths around this block, so a saved
// copy of the page still requests them from the original host.
(function () {
  var head = document.getElementsByTagName("head")[0];

  // Build a stylesheet <link> for `url` and insert it into <head> in front of
  // the "syntaxhighlighteranchor" element.
  function injectStylesheet(url) {
    var link = document.createElement('link');
    if (link.setAttribute) {
      link.setAttribute("rel", "stylesheet");
      link.setAttribute("type", "text/css");
      link.setAttribute("href", url);
    } else {
      // Property-based fallback when setAttribute is unavailable.
      link.rel = "stylesheet";
      link.href = url;
    }
    head.insertBefore(link, document.getElementById("syntaxhighlighteranchor"));
  }

  injectStylesheet("https://trick77.com/wp-content/plugins/syntaxhighlighter/syntaxhighlighter3/styles/shCore.css?ver=3.0.9b");
  injectStylesheet("https://trick77.com/wp-content/plugins/syntaxhighlighter/syntaxhighlighter3/styles/shThemeDefault.css?ver=3.0.9b");
})();

// UI strings shown by the highlighter.
var shStrings = SyntaxHighlighter.config.strings;
shStrings.expandSource = '+ expand source';
shStrings.help = '?';
shStrings.alert = 'SyntaxHighlighter\n\n';
shStrings.noBrush = 'Can\'t find brush for: ';
shStrings.brushNotHtmlScript = 'Brush wasn\'t configured for html-script option: ';

// Pad line numbers in rendered listings, then highlight every code block.
SyntaxHighlighter.defaults['pad-line-numbers'] = true;
SyntaxHighlighter.all();
</script>
</body>
</html>