_iked.conf

burro side:

local_net="192.168.2.0/26"
remote_net="192.168.4.0/30"
local_gw="186.67.181.205"
peer_gw="178.22.66.173"
state="passive"
ikev2 "vpn-zrh" $state esp \
  from $local_net to $remote_net \
  local $local_gw peer $peer_gw \
  ikesa auth hmac-sha1 enc aes-256 prf hmac-sha1 group modp1024 \
  childsa auth hmac-sha1 group modp1024 \ 
  psk "euFQDJHl94jpKC6rftHJUfpSfTNqZKij"  \
  tag "VPN" tap enc0

zrh side:

local_net="192.168.4.0/30"
remote_net="192.168.3.0/30"
local_gw="178.22.66.173"
peer_gw="186.67.181.205"
state="active"
ikev2 "vpn-zrh" $state esp \
  from local_net to remote_net
  local $local_gw peer $remote_gw \
  ikesa auth hmac-md5 enc des prf hmac-md5 group modp768 \
  childsa auth hmac-md5 group modp768 \ 
  psk "euFQDJHl94jpKC6rftHJUfpSfTNqZKij"  \
  tag "VPN" tap enc0
  
  
  CONFIGURATION OK:
  
  ikev2 "vpn-zrh"  \
  esp \
  from 186.67.181.205/32 to 178.22.66.173/32 \
#  peer 178.22.66.173 \
  psk "hvWv5HTy33TfoqzQyXQVjDRUwJsCdlBQ"


ESTABLISHED::

apu2# cat /etc/iked.conf                                                                                                                                                                                   
ikev2 "vpn-zrh"  \
  active esp \
  from 186.67.181.205/32 to 178.22.66.173/32 \
  peer 178.22.66.173 \
  psk "hvWv5HTy33TfoqzQyXQVjDRUwJsCdlBQ" 
  
  ikev2 "vpn-zrh" \
  esp \
  from 178.22.66.173/32 to 186.67.181.205/32 \
  local 178.22.66.173/32 peer 186.67.181.205/32 \
  psk "hvWv5HTy33TfoqzQyXQVjDRUwJsCdlBQ"