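# Refresh package lists, apply pending upgrades, then install strongSwan.
# Every step needs root, so each one is prefixed with sudo (needed on both gateways).
sudo apt update && sudo apt upgrade -y && sudo apt install strongswan -y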
———————————————————————————————————
GCP gateway
Public IP: IP_Public_GCP
Private subnet: Network_Private_Subnet_GCP
/etc/sysctl.conf
# Let the kernel route IPv4 packets between the tunnel and the local subnet.
net.ipv4.ip_forward = 1
# NOTE(review): only needed if IPv6 traffic is forwarded through this host — confirm.
net.ipv6.conf.all.forwarding = 1
# Ignore ICMP redirects so other hosts cannot rewrite this gateway's routes.
net.ipv4.conf.all.accept_redirects = 0
# Do not send ICMP redirects; the gateway should not advertise alternative routes.
net.ipv4.conf.all.send_redirects = 0
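# Load the settings from /etc/sysctl.conf into the running kernel (no reboot needed).
# Writing kernel parameters requires root.
sudo sysctl -p /etc/sysctl.conf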
Preshared Key
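# Generate the pre-shared key: 64 random bytes, base64-encoded.
# openssl wraps base64 output at 64 characters, so the newlines are stripped to
# give the single-line value that goes between the quotes in /etc/ipsec.secrets.
openssl rand -base64 64 | tr -d '\n'; echo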
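HASH_Open_SSL  (placeholder for the key printed by the command above; it is random data, not a hash. Paste it as a single line, use the same value on both gateways, and transfer it only over a secure channel.)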
/etc/ipsec.secrets
# The two selectors are the peer identities this key applies to; the secret must be identical on both gateways.
# This file holds the key in clear text: keep it owned by root with mode 600.
IP_Public_GCP IP_Public_Azure : PSK "HASH_Open_SSL"
/etc/ipsec.conf
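# Global daemon settings. Parameter lines must be indented under their section
# header; unindented lines are not read as part of the section.
config setup
    # Keep one IKE SA per peer identity: a new SA for the same ID replaces the old one.
    uniqueids=yes
    # CRL enforcement for certificate authentication; presumably has no effect
    # here because the connection below authenticates with a PSK.
    strictcrlpolicy=no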
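# Site-to-site tunnel from the GCP gateway to the Azure gateway.
# Parameter lines must stay indented under "conn gcp" or the file will not parse.
# After editing: sudo ipsec restart, then sudo ipsec statusall to check the tunnel.
conn gcp
    # Authenticate with the pre-shared key from /etc/ipsec.secrets.
    authby=secret
    # Local endpoint: the address of the interface that holds the default route.
    left=%defaultroute
    # Identity sent to the peer. NOTE(review): cloud VMs usually carry only a
    # private address on the NIC, so IKE typically runs over NAT-T; allow
    # UDP 500 and 4500 in the cloud firewall from the peer address only.
    leftid=IP_Public_GCP
    # Local network reachable through the tunnel.
    leftsubnet=Network_Private_Subnet_GCP
    # Remote gateway and the network behind it.
    right=IP_Public_Azure
    rightsubnet=Network_Private_Subnet_Azure
    # NOTE(review): modp1024 (DH group 2) is deprecated; prefer modp2048 or an
    # ECP group. The trailing "!" makes the proposal strict, so change both
    # gateways together or negotiation will fail.
    ike=aes256-sha2_256-modp1024!
    # NOTE(review): no DH group in the ESP proposal, so CHILD_SA rekeying runs
    # without a fresh key exchange (no PFS); append a DH group on both sides
    # to enable it.
    esp=aes256-sha2_256!
    # Keep retrying negotiation (0 appears to be treated like %forever —
    # confirm for the installed strongSwan version).
    keyingtries=0
    # IKE SA lifetime.
    ikelifetime=1h
    # CHILD (ESP) SA lifetime.
    lifetime=8h
    # Dead peer detection: probe every 30 s and re-negotiate when the peer is gone.
    dpddelay=30
    # NOTE(review): dpdtimeout is documented as IKEv1-only; IKEv2 relies on
    # retransmission timeouts — confirm which IKE version is negotiated.
    dpdtimeout=120
    dpdaction=restart
    # Initiate the connection when the daemon starts.
    auto=start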
# Source-NAT traffic that arrives from the Azure subnet and leaves towards the GCP
# subnet, so it appears to come from this gateway's own address. Hosts on the GCP
# side will therefore log the gateway, not the original Azure sender.
# The rule lives in memory only and is lost on reboot unless it is saved.
sudo iptables --table nat --append POSTROUTING \
  --source Network_Private_Subnet_Azure \
  --destination Network_Private_Subnet_GCP \
  --jump MASQUERADE
———————————————————————————————————————
Azure gateway
Public IP: IP_Public_Azure
Private subnet: Network_Private_Subnet_Azure
/etc/sysctl.conf
# Let the kernel route IPv4 packets between the tunnel and the local subnet.
net.ipv4.ip_forward = 1
# NOTE(review): only needed if IPv6 traffic is forwarded through this host — confirm.
net.ipv6.conf.all.forwarding = 1
# Ignore ICMP redirects so other hosts cannot rewrite this gateway's routes.
net.ipv4.conf.all.accept_redirects = 0
# Do not send ICMP redirects; the gateway should not advertise alternative routes.
net.ipv4.conf.all.send_redirects = 0
# Apply with: sudo sysctl -p /etc/sysctl.conf (the step listed for the GCP host is needed here too).
/etc/ipsec.secrets
# The two selectors are the peer identities this key applies to; the secret must be identical on both gateways.
# This file holds the key in clear text: keep it owned by root with mode 600.
IP_Public_Azure IP_Public_GCP : PSK "HASH_Open_SSL"
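# Edit the strongSwan connection file; it is root-owned, so the editor needs sudo to save.
sudo nano /etc/ipsec.conf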
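# Global daemon settings. Parameter lines must be indented under their section
# header; unindented lines are not read as part of the section.
config setup
    # NOTE(review): verbose debug logging is for troubleshooting; high log levels
    # can write sensitive material to the logs, so remove or lower this once the
    # tunnel is up. The documented syntax is a list of "<subsystem> <level>"
    # pairs (for example "ike 2, knl 2") — confirm that "all" is accepted.
    charondebug="all"
    # Keep one IKE SA per peer identity: a new SA for the same ID replaces the old one.
    uniqueids=yes
    # CRL enforcement for certificate authentication; presumably has no effect
    # here because the connection below authenticates with a PSK.
    strictcrlpolicy=no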
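# Site-to-site tunnel from the Azure gateway to the GCP gateway.
# Parameter lines must stay indented under "conn azure" or the file will not parse.
# After editing: sudo ipsec restart, then sudo ipsec statusall to check the tunnel.
conn azure
    # Authenticate with the pre-shared key from /etc/ipsec.secrets.
    authby=secret
    # Local endpoint: the address of the interface that holds the default route.
    left=%defaultroute
    # Identity sent to the peer. NOTE(review): cloud VMs usually carry only a
    # private address on the NIC, so IKE typically runs over NAT-T; allow
    # UDP 500 and 4500 in the cloud firewall from the peer address only.
    leftid=IP_Public_Azure
    # Local network reachable through the tunnel.
    leftsubnet=Network_Private_Subnet_Azure
    # Remote gateway and the network behind it.
    right=IP_Public_GCP
    rightsubnet=Network_Private_Subnet_GCP
    # NOTE(review): modp1024 (DH group 2) is deprecated; prefer modp2048 or an
    # ECP group. The trailing "!" makes the proposal strict, so change both
    # gateways together or negotiation will fail.
    ike=aes256-sha2_256-modp1024!
    # NOTE(review): no DH group in the ESP proposal, so CHILD_SA rekeying runs
    # without a fresh key exchange (no PFS); append a DH group on both sides
    # to enable it.
    esp=aes256-sha2_256!
    # Keep retrying negotiation (0 appears to be treated like %forever —
    # confirm for the installed strongSwan version).
    keyingtries=0
    # IKE SA lifetime.
    ikelifetime=1h
    # CHILD (ESP) SA lifetime.
    lifetime=8h
    # Dead peer detection: probe every 30 s and re-negotiate when the peer is gone.
    dpddelay=30
    # NOTE(review): dpdtimeout is documented as IKEv1-only; IKEv2 relies on
    # retransmission timeouts — confirm which IKE version is negotiated.
    dpdtimeout=120
    dpdaction=restart
    # Initiate the connection when the daemon starts.
    auto=start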
# Source-NAT traffic that arrives from the GCP subnet and leaves towards the Azure
# subnet, so it appears to come from this gateway's own address. Hosts on the Azure
# side will therefore log the gateway, not the original GCP sender.
# The rule lives in memory only and is lost on reboot unless it is saved.
sudo iptables --table nat --append POSTROUTING \
  --source Network_Private_Subnet_GCP \
  --destination Network_Private_Subnet_Azure \
  --jump MASQUERADE