root@OpenWrt:/# ipsec restart
Stopping strongSwan IPsec...
Starting strongSwan 5.3.3 IPsec [starter]...
root@OpenWrt:/# ipsec statusall
Status of IKE charon daemon (strongSwan 5.3.3, Linux 3.18.20, x86_64):
uptime: 11 seconds, since Dec 09 18:48:47 2015
malloc: sbrk 225280, mmap 0, used 212256, free 13024
worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 2
loaded plugins: charon aes des rc2 sha1 sha2 md5 random nonce x509 revocation constraints pubkey pkcs1 pgp dnskey sshkey pem fips-prf gmp xcbc hmac attr kernel-netlink resolve socket-default stroke updown xauth-generic
Listening IP addresses:
192.168.220.1
79.xxx.xxx.118
Connections:
ms: %any...xxx.dyndns.org,0.0.0.0/0,::/0 IKEv1 Aggressive
ms: local: [cougar] uses pre-shared key authentication
ms: remote: [racoon] uses pre-shared key authentication
ms: child: 192.168.220.0/24 === 192.168.8.0/24 TUNNEL
Security Associations (1 up, 0 connecting):
ms[1]: ESTABLISHED 11 seconds ago, 79.xxx.xxx.118[cougar]...79.xxx.xxx.173[racoon]
ms[1]: IKEv1 SPIs: 8b89a581b1d31502_i* 46613ad86a57075c_r, pre-shared key reauthentication in 56 minutes
ms[1]: IKE proposal: AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
ms{1}: INSTALLED, TUNNEL, reqid 1, ESP SPIs: c0026296_i 31a345cc_o
ms{1}: AES_CBC_128/HMAC_SHA1_96, 28 bytes_i, 0 bytes_o, rekeying in 14 minutes
ms{1}: 192.168.220.0/24 === 192.168.8.0/24
root@OpenWrt:/# traceroute 192.168.8.21
traceroute to 192.168.8.21 (192.168.8.21), 30 hops max, 46 byte packets
1 192.168.8.254 (192.168.8.254) 53.702 ms 53.536 ms 53.449 ms
2 192.168.8.21 (192.168.8.21) 53.158 ms 53.760 ms 54.332 ms
root@OpenWrt:/# ping 192.168.8.21
PING 192.168.8.21 (192.168.8.21): 56 data bytes
64 bytes from 192.168.8.21: seq=0 ttl=254 time=53.470 ms
64 bytes from 192.168.8.21: seq=1 ttl=254 time=53.430 ms
Alles anzeigen