Hi guys,
I'm trying to make an IPsec tunnel between my VyOS server and Google Cloud VPN.
IPsec is up and running, the tunnel is up, but routing doesn't work.
This is my config, am I missing something?
# show vpn ipsec
esp-group gcp-esp {
    compression disable
    lifetime 10800
    mode tunnel
    pfs dh-group2
    proposal 1 {
        encryption aes128
        hash sha1
    }
}
ike-group gcp-ike {
    ikev2-reauth no
    key-exchange ikev1
    lifetime 36000
    proposal 1 {
        dh-group 2
        encryption aes128
        hash sha1
    }
}
ipsec-interfaces {
    interface eth4
}
site-to-site {
    peer my.google.vpn.gateway.address {
        authentication {
            id my.router.public.ip
            mode pre-shared-secret
            pre-shared-secret cccccccccccccccccccccccccccccccccccc
        }
        ike-group gcp-ike
        local-address my.router.public.ip
        tunnel 0 {
            allow-nat-networks disable
            allow-public-networks disable
            esp-group gcp-esp
            local {
                prefix 192.168.0.0/24
            }
            remote {
                prefix 10.164.0.0/20
            }
        }
    }
}
$ show vpn ipsec status
IPSec Process Running PID: 29377
1 Active IPsec Tunnels
IPsec Interfaces :
eth4 (my.router.public.ip)
$ show vpn ipsec sa
Peer ID / IP                            Local ID / IP
------------                            -------------
my.google.vpn.gateway.address           my.router.public.ip

    Tunnel  State  Bytes Out/In   Encrypt  Hash     NAT-T  A-Time  L-Time  Proto
    ------  -----  -------------  -------  ----     -----  ------  ------  -----
    0       up     0.0/0.0        aes256   sha1_96  no     3600    10800   all