IPsec/IKEv2-based VPN software for Linux
 
        | # sudo ip -6 addr add 2001:db8:10::1/64 dev eth0 # sudo ip -6 addr add 2001:db8:20::1/64 dev eth1 # sudo sysctl net.ipv6.conf.all.forwarding=1 | 
| # sudo ip -6 addr add 2001:db8:10::10/64 dev eth0 | 
| # sudo ip -6 addr add 2001:db8:20::100/64 dev eth0 # sudo ip -6 route add default via 2001:db8:20::1 | 
- VPN Configuration[Tab] > Edit VPN Realm(Save, Add, etc.)[Left-Tree]: Click this tree node and show Edit VPN Realm(Save, Add, Remove, or Load) pane.
- Click Add VPN Realm button.
- Add a VPN Realm[Dialog]: Enter the following, then click OK button.
              Realm ID: 10
              
              Realm Name: "Example VPN"
              
              Description: "Config for Example VPN."
              
              Mode: Router
            
              - VPN Configuration[Tab]
              > VPN Realms[Left-Tree]
              > 10:Example VPN(Router)[Left-Tree]
              > VPN Interface[Left-Tree]: 
              Click this tree node and show VPN Tunnel/TAP Interface pane.
            
- Enter the following.
              Internal Address Type: Static Address
              
              Internal Address > IPv6: 2001:db8:30::1
              
              Prefix: 64
            
              - VPN Configuration[Tab]
              > VPN Realms[Left-Tree]
              > 10:Example VPN(Router)[Left-Tree]
              > Network Interface[Left-Tree]: 
              Click this tree node and show Network Interface pane.
            
              - Uncheck Use default route and enter the followings.
              
                  Primary interface:
                    - Select eth0 as a source interface
               and IPv6. 
              
            
              - VPN Configuration[Tab]
              > VPN Realms[Left-Tree]
              > 10:Example VPN(Router)[Left-Tree]
              > Service[Left-Tree]: 
              Click this tree node and show Service pane.
            
- Network Deployment: Select Hub(Concentrator) Node.
- Remote Configuration(IKEv2): Select Disabled.
              - VPN Configuration[Tab]
              > VPN Realms[Left-Tree]
              > 10:Example VPN(Router)[Left-Tree]
              > My Key Store[Left-Tree]: 
              Click this tree node and show My Key Store pane.
            
- Enter the following.
              Authentication Method: Pre-Shared Key(PSK)
              
              My ID Type: Host Name(FQDN) 
              
              My ID: gateway1.example.com
              
              Pre-Shared Key(PSK): abcdefghij
            
              - VPN Configuration[Tab]
              > VPN Realms[Left-Tree]
              > 10:Example VPN(Router)[Left-Tree]
              > Peers' Key Store[Left-Tree]: 
              Click this tree node and show Peers Key Store pane.
            
- Click Add Peer's Pre-Shared Key(PSK) button.
              - Add a New Peer's Pre-Shared Key(PSK)[Dialog]:
              Enter the following, then click OK button.
            
              Peer ID Type: IKEv2: Host Name(FQDN) 
              
              Peer ID: remotehost1.example.com
              
              Pre-Shared Key(PSK): 1234567890
            
              - VPN Configuration[Tab]
              > Edit VPN Realm(Save, Add, etc.)[Left-Tree]: 
              Click this tree node and show Edit VPN Realm(Save, Add, Remove, or Load) pane.
            
- Click Save Configuration button.
              - VPN Configuration[Tab]
              > Edit VPN Realm(Save, Add, etc.)[Left-Tree]: 
              Click this tree node and show Edit VPN Realm(Save, Add, Remove, or Load) pane.
            
- Click Add VPN Realm button.
- Add a VPN Realm[Dialog]: Enter the following, then click OK button.
              Realm ID: 10
              
              Realm Name: "Example VPN"
              
              Description: Config for Example VPN."
              
              Mode: End Node
            
              - VPN Configuration[Tab]
              > VPN Realms[Left-Tree]
              > 10:Example VPN(End Node)[Left-Tree]
              > VPN Interface[Left-Tree]: 
              Click this tree node and show VPN Tunnel/TAP Interface pane.
            
- Enter the following.
              Internal Address Type: Static Address
              
              Internal Address > IPv6: 2001:db8:30::10
              
              Prefix: 64
            
              - VPN Configuration[Tab]
              > VPN Realms[Left-Tree]
              > 10:Example VPN(End Node)[Left-Tree]
              > Network Interface[Left-Tree]: 
              Click this tree node and show Network Interface pane.
            
              - Check Use default route.
              
              or
              
              - Uncheck Use default route and enter the followings.
              
                  Primary interface:
                    - Select eth0 as a source interface
               and IPv6. 
              
            
              - VPN Configuration[Tab]
              > VPN Realms[Left-Tree]
              > 10:Example VPN(End Node)[Left-Tree]
              > Service[Left-Tree]: 
              Click this tree node and show Service pane.
            
- Network Deployment: Select Spoke Node/Other.
- Remote Configuration(IKEv2): Select Disabled.
              - VPN Configuration[Tab]
              > VPN Realms[Left-Tree]
              > 10:Example VPN(End Node)[Left-Tree]
              > My Key Store[Left-Tree]: 
              Click this tree node and show My Key Store pane.
            
- Enter the following.
              Authentication Method: Pre-Shared Key(PSK)
              
              My ID Type: Host Name(FQDN) 
              
              My ID: remotehost1.example.com
              
              Pre-Shared Key(PSK): 1234567890
            
              - VPN Configuration[Tab]
              > VPN Realms[Left-Tree]
              > 10:Example VPN(End Node)[Left-Tree]
              > Peers[Left-Tree]: 
              Click this tree node and show Peers pane.
            
- Click Add Peer button.
- Add a New Peer[Dialog]: Enter the following, then click OK button.
              Peer ID Type: Host Name(FQDN) 
              
              Peer ID: gateway1.example.com
            
              - VPN Configuration[Tab]
              > VPN Realms[Left-Tree]
              > 10:Example VPN(End Node)[Left-Tree]
              > Peers[Left-Tree] > gateway1.example.com(FQDN)[Left-Tree]: 
              Click this tree node and show Peer: gateway1.example.com(FQDN) pane.
            
- Enter the following.
              Peer's IP Address: IPv6, 2001:db8:10::1
              
              This peer's Network Deployment: Hub(Concentrator) Node
            
              - VPN Configuration[Tab]
              > VPN Realms[Left-Tree]
              > 10:Example VPN(End Node)[Left-Tree]
              > Peers' Key Store[Left-Tree]: 
              Click this tree node and show Peers Key Store pane.
            
- Click Add Peer's Pre-Shared Key(PSK) button.
- Add a New Peer's Pre-Shared Key(PSK)[Dialog]: Enter the following, then click OK button.
              Peer ID Type: IKEv2: Host Name(FQDN) 
              
              Peer ID: gateway1.example.com
              
              Pre-Shared Key(PSK): abcdefghij
            
              - VPN Configuration[Tab]
              > VPN Realms[Left-Tree]
              > 10:Example VPN(End Node)[Left-Tree]
              > Internal Route Map[Left-Tree]: 
              Click this tree node and show Internal Route Map pane.
            
- Click Add Route button.
- Add a New Internal Route[Dialog]: Enter the following, then click OK button.
              IP Version: IPv6
              
              Destination IPv6 Network: 2001:db8:20::
              
              Prefix: 64
              
              Forwarding Type: Gateway IP Address
              
              Forward To: 2001:db8:30::1
            
              - VPN Configuration[Tab]
              > Edit VPN Realm(Save, Add, etc.)[Left-Tree]: 
              Click this tree node and show Edit VPN Realm(Save, Add, Remove, or Load) pane.
            
- Click Save Configuration button.