Introduction
This HOWTO covers how to configure OpenIKED (IKEv2) on OpenBSD.
Configuration
/etc/iked.conf on VPN1
remote_gw = "82.182.106.1"
local_gw = "192.168.102.2"
ikev2 active esp from $local_gw to $remote_gw psk "CHANGE_THIS_TO_A_STRONG_PSK"
ikev2 active esp from 192.168.100.0/24 to 192.168.200.0/24 peer $remote_gw psk "CHANGE_THIS_TO_A_STRONG_PSK"
ikev2 active esp from 192.168.102.0/24 to 192.168.200.0/24 peer $remote_gw psk "CHANGE_THIS_TO_A_STRONG_PSK"
/etc/iked.conf on VPN2
remote_gw = "82.182.103.1"
local_gw = "192.168.200.2"
ikev2 active esp from $local_gw to $remote_gw psk "CHANGE_THIS_TO_A_STRONG_PSK"
ikev2 active esp from 192.168.200.0/24 to 192.168.100.0/24 peer $remote_gw psk "CHANGE_THIS_TO_A_STRONG_PSK"
ikev2 active esp from 192.168.200.0/24 to 192.168.102.0/24 peer $remote_gw psk "CHANGE_THIS_TO_A_STRONG_PSK"
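The subnet policies in the two files above are mirror images of each other, and both still carry the placeholder PSK. The script below is an added example, not part of the original HOWTO: it checks both properties before the tunnel is deployed. The function names (flows, mirrored, placeholder_psk) and the temporary sample files are assumptions made for illustration; the sample files are constructed from the configuration shown above.

```shell
#!/bin/sh
# Added example (not from the original HOWTO): check that the subnet flows in
# two iked.conf files mirror each other. The sample files are constructed
# from the configuration shown on this page.
tmp=$(mktemp -d)
cat > "$tmp/vpn1.conf" <<'EOF'
remote_gw = "82.182.106.1"
local_gw = "192.168.102.2"
ikev2 active esp from $local_gw to $remote_gw psk "CHANGE_THIS_TO_A_STRONG_PSK"
ikev2 active esp from 192.168.100.0/24 to 192.168.200.0/24 peer $remote_gw psk "CHANGE_THIS_TO_A_STRONG_PSK"
ikev2 active esp from 192.168.102.0/24 to 192.168.200.0/24 peer $remote_gw psk "CHANGE_THIS_TO_A_STRONG_PSK"
EOF
cat > "$tmp/vpn2.conf" <<'EOF'
remote_gw = "82.182.103.1"
local_gw = "192.168.200.2"
ikev2 active esp from $local_gw to $remote_gw psk "CHANGE_THIS_TO_A_STRONG_PSK"
ikev2 active esp from 192.168.200.0/24 to 192.168.100.0/24 peer $remote_gw psk "CHANGE_THIS_TO_A_STRONG_PSK"
ikev2 active esp from 192.168.200.0/24 to 192.168.102.0/24 peer $remote_gw psk "CHANGE_THIS_TO_A_STRONG_PSK"
EOF

# flows FILE: print "src dst" for each ikev2 policy that names a peer.
flows() {
    awk '
        $2 == "=" { gsub(/"/, "", $3); macro[$1] = $3; next }   # name = "value"
        $1 == "ikev2" {
            src = ""; dst = ""; peer = ""
            for (i = 2; i < NF && $i != "psk"; i++) {
                v = $(i + 1)
                if (substr(v, 1, 1) == "$") v = macro[substr(v, 2)]
                if ($i == "from") src = v
                if ($i == "to")   dst = v
                if ($i == "peer") peer = v
            }
            if (peer != "") print src, dst
        }' "$1" | sort
}

# mirrored A B: succeed only if the flows in A equal the reversed flows in B.
mirrored() {
    a=$(flows "$1")
    b=$(flows "$2" | awk '{ print $2, $1 }' | sort)
    [ -n "$a" ] && [ "$a" = "$b" ]
}

# placeholder_psk FILE: succeed if the example PSK was never replaced.
placeholder_psk() { grep -q 'psk "CHANGE_THIS_TO_A_STRONG_PSK"' "$1"; }

mirrored "$tmp/vpn1.conf" "$tmp/vpn2.conf" && echo "flows mirror" || echo "flow mismatch"
placeholder_psk "$tmp/vpn1.conf" && echo "vpn1: placeholder PSK still in use"
```

On the real gateways, point the functions at copies of each side's /etc/iked.conf instead of the sample files.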
Bring up enc0
ifconfig enc0 up
Ports to forward in GW1 and GW2
UDP 500 and UDP 4500
Auto start when booting
# An empty flags string enables iked; any other value is passed to iked as arguments.
echo 'iked_flags=""' >> /etc/rc.conf.local
echo "up" > /etc/hostname.enc0