Sonicwall TZ500 VPN with Libreswan

Setting up IPSEC VPN between Sonicwall TZ500 and Libreswan (running on Rocky 8 linux)

DH Groups

group1—768-bit Modular Exponential (MODP) algorithm.
group2—1024-bit MODP algorithm.
group5—1536-bit MODP algorithm.
group14—2048-bit MODP group.
group15—3072-bit MODP algorithm.
group16—4096-bit MODP algorithm.
group19—256-bit random Elliptic Curve Groups modulo a Prime (ECP groups) algorithm.
group20—384-bit random ECP groups algorithm.
group21—521-bit random ECP groups algorithm.
group24—2048-bit MODP Group with 256-bit prime order subgroup.

Linux side

conn aus2sydo

type=tunnel

authby=secret

auto=start

pfs=no

ike=aes256-sha1;dh5

ikev2=insist

esp=aes256-sha1

lifetime=28800

#salifetime=28800

aggrmode=no

left=%defaultroute

leftid=<pub IP of linux server>

leftsubnets={subnet of linux server}

right=<pub IP of sonicwall>

rightsubnet=<ip or subnet of sonicwall side>

Sonicwall side