Differences

This shows you the differences between two versions of the page.

--- technical:strongswan-apdesk [2026/01/11 21:30] – system
+++ technical:strongswan-apdesk [2026/01/12 06:22] (current) – [Required Items] system
@@ Line 3: / Line 3: @@
   * The MESHdesk firmware includes support for IKEv2+IPsec since Jan 2026.
   * When you build the firmware make sure you include:
-      * Network -> VPN -> StrongSwan -> strongswan-defaul (Meta Package)
+      * Network -> VPN -> StrongSwan -> strongswan-default (Meta Package)
       * Network -> xfrm (Needed for route based IPsec)
   * To make those packages appear in the available list of packages you need to insall them into the SDK
@@ Line 16: / Line 16: @@
   * In our setup we created a virtual setup in VirtualBox and ran an OpenWrt instance which are then configured using APdesk
 </WRAP>
 -----------
@@ Line 31: / Line 30: @@
 |Server ID  |Unique ID when server cert was generated  |In our case it was //- -san cloud.radiusdesk.com//  |
 |Xfrm Id Nr |Match **if_id_*** configured on the server  |  |
-|Endpoint IP |Unique ID per Client when cert is created  |In our case it was //- -san carol@strongswan.org//  |
+|Endpoint IP |Client's fixed IP Address  |Should be on the server's subnet e.g. 10.3.x.x |
 |Gateway IP |The IP Address from server prep script  |  |
+|Client ID |Unique ID per Client when cert is created  |In our case it was //- -san carol@strongswan.org//  |
 |CA |CA certificate we created earlier  |  |
 |Certificate |Client certificate we created earlier   |  |
@@ Line 39: / Line 39: @@
 |ESP Proposals |list of ESP proposals   |e.g. aes128-sha1-modp2048  |
+------------
 ===== Connection Info =====
   * The MESHdesk firmware records and reports the status and usage in the VPN tunnel.
@@ Line 44: / Line 45: @@
 {{:technical:ipsec:strongswan-02.png?nolink|}}
+------------
 ==== CLI Confirmation ====
   * We can use the swanctl program on OpenWrt to confirm the SA has been established: