Teltonika RUTX series 2022
---------------------------------
root@Teltonika-RUTXR1:~# ipsec statusall
Status of IKE charon daemon (strongSwan 5.9.2, Linux 5.4.147, armv7l):
uptime: 118 minutes, since Aug 17 10:49:39 2022
worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 1
loaded plugins: charon aes des sha2 sha1 md4 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs8 pgp pem openssl gmp xcbc
hmac kernel-netlink socket-default stroke vici updown eap-identity eap-mschapv2 xauth-generic
Listening IP addresses:
<censored>
192.168.20.1
fd2a:b33:666::1
Connections:
passth_Leitek_ph2_mob1s1a1: %any...%any IKEv1/2
passth_Leitek_ph2_mob1s1a1: local: uses public key authentication
passth_Leitek_ph2_mob1s1a1: remote: uses public key authentication
passth_Leitek_ph2_mob1s1a1: child: dynamic === dynamic PASS
Leitek-Leitek_c: %any...<censored> IKEv1, dpddelay=30s
Leitek-Leitek_c: local: [<censored>] uses pre-shared key authentication
Leitek-Leitek_c: remote: [<censored>] uses pre-shared key authentication
Leitek-Leitek_c: child: 192.168.20.0/24 === 192.168.16.0/24 TUNNEL, dpdaction=restart
Shunted Connections:
passth_Leitek_ph2_mob1s1a1: dynamic === dynamic PASS
Security Associations (0 up, 1 connecting):
Leitek-Leitek_c[48]: CONNECTING, <censored>[%any]...<censored>[%any]
Leitek-Leitek_c[48]: IKEv1 SPIs: 97da2442c2455ca4_i* 0000000000000000_r
Leitek-Leitek_c[48]: Tasks queued: QUICK_MODE
Leitek-Leitek_c[48]: Tasks active: ISAKMP_VENDOR ISAKMP_CERT_PRE MAIN_MODE ISAKMP_CERT_POST ISAKMP_NATD
root@Teltonika-RUTXR1:~# iptables -t nat -n -L | grep 'pol ipsec'
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 policy match dir out pol ipsec /* !fw3: Exclude-IPsec-from-NAT */