Sonicwall TZ500 VPN with Libreswan
Setting up an IPsec VPN between a Sonicwall TZ500 and Libreswan (running on Rocky Linux 8)
DH Groups
group1—768-bit Modular Exponential (MODP) algorithm.
group2—1024-bit MODP algorithm.
group5—1536-bit MODP algorithm.
group14—2048-bit MODP group.
group15—3072-bit MODP algorithm.
group16—4096-bit MODP algorithm.
group19—256-bit random Elliptic Curve Groups modulo a Prime (ECP groups) algorithm.
group20—384-bit random ECP groups algorithm.
group21—521-bit random ECP groups algorithm.
group24—2048-bit MODP Group with 256-bit prime order subgroup.
Linux side
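conn aus2sydo
    type=tunnel
    # authenticate with a pre-shared key
    authby=secret
    auto=start
    # no new DH exchange when IPsec SAs are negotiated
    pfs=no
    # IKE proposal: AES-256, SHA-1, DH group 5 (1536-bit MODP, see the list above)
    ike=aes256-sha1;dh5
    # IKEv2 only
    ikev2=insist
    # ESP proposal: AES-256 with SHA-1
    esp=aes256-sha1
    # SA lifetime in seconds
    lifetime=28800
    #salifetime=28800
    aggrmode=no
    left=%defaultroute
    leftid=<public IP of linux server>
    leftsubnets={subnet of linux server}
    right=<public IP of sonicwall>
    rightsubnet=<ip or subnet of sonicwall side>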
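The check below is an added example, not part of the original notes or of Libreswan. It reads the conn section above (sample text constructed from it, address lines omitted), maps the dhN suffix to the DH group list, and returns the IKE and ESP settings the Sonicwall side has to match, flagging the groups RFC 8247 discourages and the disabled PFS. The function and variable names are hypothetical.

```python
# DH groups from the list above: number -> description.
DH_GROUPS = {1: "768-bit MODP", 2: "1024-bit MODP", 5: "1536-bit MODP",
             14: "2048-bit MODP", 15: "3072-bit MODP", 16: "4096-bit MODP",
             19: "256-bit ECP", 20: "384-bit ECP", 21: "521-bit ECP",
             24: "2048-bit MODP, 256-bit subgroup"}
# RFC 8247 section 2.4 status for the groups it discourages.
DISCOURAGED = {1: "MUST NOT", 2: "SHOULD NOT", 5: "SHOULD NOT", 24: "SHOULD NOT"}

# Constructed sample: the conn from this page, address lines omitted.
SAMPLE = """
conn aus2sydo
    authby=secret
    pfs=no
    ike=aes256-sha1;dh5
    ikev2=insist
    esp=aes256-sha1
    lifetime=28800
    #salifetime=28800
"""

def parse_conn(text, name):
    """Return the key=value options of `conn <name>`, skipping comments."""
    opts, inside = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("conn "):
            inside = line.split()[1] == name
        elif inside and "=" in line and not line.startswith("#"):
            key, value = line.split("=", 1)
            opts[key.strip()] = value.strip()
    return opts

def peer_requirements(opts):
    """Settings the remote gateway must match, plus findings on weak choices."""
    proposal, _, dh = opts.get("ike", "").partition(";")
    group = int(dh[2:]) if dh.startswith("dh") and dh[2:].isdigit() else None
    req = {"ikev2": opts.get("ikev2") == "insist", "ike": proposal,
           "dh_group": group, "esp": opts.get("esp"),
           "pfs": opts.get("pfs", "yes") == "yes",  # libreswan default is yes
           "lifetime_s": int(opts["lifetime"]) if "lifetime" in opts else None}
    findings = []
    if group in DISCOURAGED:
        findings.append(f"dh{group} ({DH_GROUPS[group]}): RFC 8247 {DISCOURAGED[group]}")
    if not req["pfs"]:
        findings.append("pfs=no: IPsec SA keys derive from the IKE SA, no fresh DH")
    return req, findings

REQ, FINDINGS = peer_requirements(parse_conn(SAMPLE, "aus2sydo"))
```
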
Sonicwall side