Setup Site-to-Site VPN connection with Strongswan. Execute this script on each gateway and change switch the variables accordingly

ipsec_config.sh

export LEFT_GW_IP=35.157.246.157
export LEFT_CIDR=10.1.1.0/24
export RIGHT_GW_IP=35.158.110.212
export RIGHT_CIDR=10.2.1.0/24

sudo su
apt-get update -y
apt-get install -y strongswan

cat >> /etc/sysctl.conf << EOF 
net.ipv4.ip_forward = 1 
net.ipv4.conf.all.accept_redirects = 0 
net.ipv4.conf.all.send_redirects = 0 
EOF
sysctl -p /etc/sysctl.conf


cat >> /etc/ipsec.secrets << EOF 
$RIGHT_GW_IP $LEFT_GW_IP : PSK “loremipsum"
EOF

cat >> /etc/ipsec.conf << EOF 
# basic configuration 
config setup 
            charondebug="all” 
            uniqueids=yes 
            strictcrlpolicy=no 

# connection to amsterdam datacenter 
conn right-to-left
    authby=secret 
    left=%defaultroute 
    leftid=$RIGHT_GW_IP
    leftsubnet=$RIGHT_CIDR
    right=$LEFT_GW_IP
    rightsubnet=$LEFT_CIDR
    ike=aes256-sha2_256-modp1024! 
    esp=aes256-sha2_256! 
    keyingtries=0 
    ikelifetime=1h 
    lifetime=8h 
    dpddelay=30 
    dpdtimeout=120 
    dpdaction=restart 
    auto=start
EOF

iptables -t nat -A POSTROUTING -s $LEFT_CIDR -d $RIGHT_CIDR -j MASQUERADE
systemctl enable strongswan