Nick Howitt wrote:

From the logs I am not interested in anything down to "loading ipsec.secrets". That is just Libreswan (not Openswan) start up stuff. It is the tunnel negotiation after that where the interesting (or not) stuff happens. Your logs don't match as they are a few minutes out and both logs show Libreswan initiating and not responding. I could do with the response log, say from site B, at around the time you restarted IPsec at site A. I only have a responding set up so I can't necessarily compare, but your logs are missing what I would expect but that could only be a responding thing.

In your conn, have you defined the subnets you want to link? I suspect not. Can you post the contents of any conf file in /etc/ipsec.d.

Yes, I have defined this. Here are the configs from both sides:

Side A



Side B

Nick Howitt wrote:
I think you are using one of the ClearOS packages because your log file is being redirected. Can you clarify which one? Is it the free Static IPsec VPN for home?

I'm using the ClearOS Static IPSEC VPN for Home package.

Nick Howitt wrote:
[edit]
BTW, if you do a tcpdump on the external interface you should only see encrypted packets.
[/edit]

[edit2]
Also, if not set, please set your Local LAN IP to your ClearOS LAN IP. It helps server to server communication. There is no need to set the Remote LAN IP. This does nothing.
[/edit2]

I've removed the Local LAN IP directives on both sides and still don't have a working two way tunnel.