Marown/setup-ipsec-vpn
1
0
Fork 0
mirror of https://github.com/hwdsl2/setup-ipsec-vpn.git synced 2024-07-02 10:35:45 +02:00
Code Issues Packages Projects Releases Wiki Activity
1,026 Commits 1 Branch 0 Tags 20 MiB
09d4018e2c
Commit Graph

317 Commits

Author SHA1 Message Date
hwdsl2
356a5bd130 Update docs 2021-03-29 15:05:45 -05:00
hwdsl2
4d371e360e Update docs 2021-03-29 00:09:15 -05:00
hwdsl2
191e0af9ff Update docs 2021-03-27 22:59:59 -05:00
hwdsl2
9437be8553 Update docs 2021-03-27 14:51:18 -05:00
hwdsl2
de2acaabc5 Update IKEv2 docs 
- Add Linux instructions for IKEv2
 2021-03-27 00:48:09 -05:00
hwdsl2
bf0f557416 Update docs 2021-03-21 14:48:44 -05:00
hwdsl2
ff38c87632 Update docs 2021-03-20 00:06:31 -05:00
hwdsl2
8fa3bfac80 Cleanup 2021-03-07 00:12:46 -06:00
hwdsl2
1abcd704be Update IKEv2 config 
- Use the AES_GCM128 cipher for improved performance
  Ref: https://libreswan.org/wiki/Benchmarking_and_Performance_testing
- Update docs
 2021-03-06 14:07:07 -06:00
hwdsl2
11f8502e3a Improve IKEv2 setup 
- Use default key size (2048 bits) when generating key pairs using
  certutil. This significantly reduces IKEv2 setup time on servers
  with less powerful CPUs, such as Raspberry Pis, while still providing
  sufficient security.
- Update docs
 2021-03-05 21:33:41 -06:00
hwdsl2
e7e9bf2dc0 Update docs 2021-03-01 10:12:46 -06:00
hwdsl2
ac86c8831c Update docs 
- Add new section for advanced usage
- Clean up important notes section
- Update IKEv2 docs
 2021-02-28 15:54:58 -06:00
hwdsl2
78a9f608e5 Update IKEv2 docs 
- Update Windows IKEv2 client instructions. Ref: #940.
 2021-02-21 14:57:37 -06:00
hwdsl2
12fdc8c11d Update docs 2021-02-10 10:26:18 -06:00
hwdsl2
ad1c635ca3 Update IKEv2 docs 
- Android 6.0 and older devices require additional instructions
  for IKEv2. Ref: #930
 2021-02-06 15:18:01 -06:00
hwdsl2
97624bf292 Update docs 2021-02-04 21:43:03 -06:00
hwdsl2
1327f9123e Update docs 2021-02-02 10:45:05 -06:00
hwdsl2
954b2acb7c Fix for IKEv2 
- Fix an issue where multiple IKEv2 clients behind the same NAT cannot
  connect simultaneously to the VPN server. Note that before this fix,
  this issue only occurs when using an IP address (instead of a DNS name)
  for IKEv2 for the VPN server.
- This issue is found to be related to Libreswan's matching of local IDs
  when checking connections. A local ID with '@' prefix has type ID_FQDN,
  which does not match the ID_IPV4_ADDR type that the peer expects. This
  prevents connection switching from working correctly for the scenario
  above. Removing the prefix fixed the issue.
- Fixes #924
 2021-02-01 21:42:31 -06:00
hwdsl2
c6182d76bb Update docs 2021-01-31 00:30:33 -06:00
hwdsl2
f6b8d13b05 Update docs 2021-01-30 14:31:37 -06:00
hwdsl2
cd588a07ae Update docs 2021-01-29 00:05:16 -06:00
hwdsl2
ec5dda8c1c Update IKEv2 docs 
- Update Windows IKEv2 client instructions, with steps to import
  the .p12 file using certutil, and add the VPN connection using
  Windows PowerShell for improved security and performance.
 2021-01-28 02:13:05 -06:00
hwdsl2
0ed9015a6b Update docs 2021-01-25 22:51:04 -06:00
hwdsl2
8c286df143 Cleanup 2021-01-24 20:01:40 -06:00
hwdsl2
7e20055671 Update docs 2021-01-24 15:55:26 -06:00
hwdsl2
2864473576 Update docs 2021-01-23 16:05:51 -06:00
hwdsl2
1c975c8410 Update docs 2021-01-21 23:11:20 -06:00
hwdsl2
0199df0369 Update IKEv2 docs 2021-01-21 01:39:15 -06:00
hwdsl2
7d9f2c6603 Fix IKEv2 
- Fix an issue with IKEv2 disconnecting after one hour due to IKE SA
  expiration, by setting ikelifetime and salifetime to 24h.
  Ref: #913 #844 https://libreswan.org/man/ipsec.conf.5.html
 2021-01-20 01:39:07 -06:00
hwdsl2
27dc3d25f2 Update docs 2021-01-19 01:42:29 -06:00
hwdsl2
bac2c9cf4c Update docs 2021-01-18 22:49:55 -06:00
hwdsl2
215c9030ba Update docs 2021-01-18 11:03:39 -06:00
hwdsl2
a3dae331b8 Update docs 2021-01-18 00:02:04 -06:00
hwdsl2
927e0ca7e3 Update docs 
- Update IKEv2 docs for .mobileconfig support
 2021-01-14 23:58:20 -06:00
hwdsl2
6c55c19b44 Update docs 
- Update Linux VPN client command-line instructions
 2021-01-08 01:29:05 -06:00
haleyrom
5d9929c8c7
Update Ubuntu VPN client instructions (#615) 
- Update instructions for configuring Ubuntu (and Deepin) VPN clients
- Fixes #906
 2021-01-08 00:54:30 -06:00
hwdsl2
0a8470da38 Update docs 
- Update Linux VPN client instructions. Ref: #876
 2021-01-05 23:53:07 -06:00
hwdsl2
fdd220b7a3 Update docs 2021-01-03 15:20:27 -06:00
hwdsl2
dabf765978 Update year 2021-01-03 00:35:24 -06:00
hwdsl2
5f1ca68350 Update docs 2020-12-31 23:10:10 -06:00
hwdsl2
88764568d2 Update docs 2020-12-29 16:36:44 -06:00
hwdsl2
8adead17b7 Update docs 2020-12-27 00:16:49 -06:00
hwdsl2
7006fb3fa5 Update docs 2020-12-26 15:19:21 -06:00
hwdsl2
95a7f9cde5 Update IKEv2 docs 2020-12-20 01:14:40 -06:00
hwdsl2
ac222d447c Update docs 
- Add note for macOS Big Sur 11.0. Closes #894.
 2020-12-16 00:01:08 -06:00
hwdsl2
cf96051d6f Update docs 2020-12-13 15:52:27 -06:00
hwdsl2
1c28442211 Update docs 2020-12-07 01:11:23 -06:00
hwdsl2
c424228658 Update IKEv2 docs 2020-12-01 00:42:11 -06:00
hwdsl2
4eb84bb3bf Update docs 
- Closes #882
 2020-11-24 20:53:04 -06:00
hwdsl2
afb8a7acce New Libreswan version 
- Upgrade Libreswan from 3.32 to 4.1
 2020-11-11 00:27:44 -06:00
hwdsl2
bff8e6cbc8 Update docs 2020-11-08 11:19:26 -06:00
Fuchen Shi
ba0d3f8dbd
Update ikev2-howto-zh.md (#867) 2020-11-08 11:09:47 -06:00
hwdsl2
580678aed5 Update docs 2020-08-26 23:53:41 -05:00
S. X. Liang
736877330b
Add AWS deployment template (#838) 
Add AWS deployment template

Authored-by: Scottpedia (https://github.com/Scottpedia)
 2020-08-26 22:20:04 -05:00
hwdsl2
5d8932e411 Update IKEv2 docs 2020-07-12 14:42:04 -05:00
hwdsl2
71dc5bab01 Update IKEv2 docs 
- Connecting multiple IKEv2 clients from behind the same NAT
  requires setting the "local ID" field to match the client name.
  Ref: https://github.com/libreswan/libreswan/issues/237
 2020-07-06 22:42:45 -05:00
hwdsl2
93e89919ac Update IKEv2 docs 2020-07-04 01:35:10 -05:00
hwdsl2
50ac87c7b3 Update docs 2020-06-11 01:37:47 -05:00
hwdsl2
2def2f2f20 Update docs 2020-06-08 02:01:17 -05:00
hwdsl2
8ea8bbfa4e Update IKEv2 docs 
- Add instructions for add/revoke client certificates
 2020-06-06 23:09:58 -05:00
hwdsl2
f3a93e17fc Update IKEv2 docs 2020-06-05 00:44:33 -05:00
hwdsl2
99e87f5287 Update IKEv2 docs 2020-05-31 17:37:49 -05:00
hwdsl2
204904abf4 Update IKEv2 docs 2020-05-30 23:13:14 -05:00
hwdsl2
60d89c7181 Update docs 2020-05-30 02:52:49 -05:00
hwdsl2
9a9496b41b Update docs 2020-05-25 14:29:51 -05:00
hwdsl2
09c68fda01 Update docs 
- Add troubleshooting section for Android MTU/MSS issues
- Remove "Access VPN server's subnet". This seems to work fine using
  the default configuration, without additional IPTables rules
 2020-05-16 23:35:52 -05:00
hwdsl2
d44b09d577 Update docs 2020-05-11 23:23:38 -05:00
hwdsl2
ace41ebc29 Add IKEv2 script 
- Add a helper script for automatic IKEv2 setup
- Update IKEv2 docs
 2020-05-11 01:18:34 -05:00
hwdsl2
1839943b0e Update docs 2020-05-03 22:12:17 -05:00
hwdsl2
9e6b26b1b2 Update docs 2020-05-03 01:59:37 -05:00
hwdsl2
7076376aac Update IKEv2 docs 
- For users running Libreswan 3.31, the "Use RSA/PSS signatures" option
  needs to be enabled in the strongSwan Android VPN client.
- Ref: https://lists.libreswan.org/pipermail/swan/2020/003440.html
 2020-04-30 01:13:39 -05:00
hwdsl2
03c4dd9b24 Update clients-zh.md 2020-04-11 17:02:00 -05:00
Stephen Nancekivell
228d801adb
Update clients.md (#767) 2020-04-11 16:19:35 -05:00
hwdsl2
ca6bf9818d Update docs 2020-01-15 23:58:44 -08:00
hwdsl2
815fdc0b1c Update docs 2020-01-13 00:22:25 -08:00
hwdsl2
4b28ce5de9 Update IKEv2 docs 
- Update macOS and iOS IKEv2 instructions
 2019-11-10 19:32:29 -08:00
hwdsl2
0dfe0d3021 Update IKEv2 docs 
- Add new IKEv2 instructions for Android 10
  Ref: https://wiki.strongswan.org/issues/3196
- Change certificate validity period to 120 months
 2019-11-10 17:23:12 -08:00
hwdsl2
60716c0654 Update docs 2019-09-22 21:11:31 -07:00
hwdsl2
9c17bcf63a Update docs 2019-09-08 23:49:51 -05:00
hwdsl2
1187cea1d7 Update docs 2019-09-07 22:34:19 -05:00
hwdsl2
c769212a92 Update docs 2019-09-06 18:57:00 -05:00
hwdsl2
772da07efd Add Debian 10 
- Add Debian 10 to supported OS
- Add a note on Debian 10 kernel versions
 2019-08-20 11:06:11 -05:00
hwdsl2
b9a4c23350 Update docs 
- Update troubleshooting section
- Closes #606
 2019-08-08 00:12:55 -05:00
hwdsl2
b579991206 Update docs 
- Remove Ubuntu 14.04 (now EOL)
 2019-06-01 21:22:34 -05:00
hwdsl2
f5f1a6cb3e Update docs 
- Minor clarification for Android VPN clients
 2019-04-29 10:13:41 -05:00
hwdsl2
4c55131587 Update docs 2019-04-24 22:09:23 -05:00
hwdsl2
e61efe242e Update IKEv2 docs 
- Add a known issue (#543)
 2019-03-15 23:13:30 -05:00
hwdsl2
0679c66071 Update docs 2019-02-09 16:24:19 -06:00
hwdsl2
d153a90fc3 Update docs 
- Add a known issue to IKEv2 docs. Ref: #414
- Cleanup
 2019-02-05 00:24:32 -06:00
hwdsl2
894e6ccf41 Update docs 2019-01-31 13:54:08 -06:00
hwdsl2
b36e8cdf33 Update docs 
- Add Linux VPN client instructions for Fedora and CentOS 7
 2019-01-30 19:43:53 -06:00
hwdsl2
6fb35e25cb Update year 2019-01-12 11:34:10 -06:00
hwdsl2
2e164ad976 Update docs 2018-12-19 00:14:52 -06:00
hwdsl2
ddaa0ee99c Improve DNS servers 
- Improve modecfgdns format
- Better parsing of DNS servers in upgrade scripts
- Add usage of DNS server variables to README and allow users to specify
  only one or both alternative DNS servers
 2018-12-17 00:07:04 -06:00
hwdsl2
4f64a72ed1 Update docs 
- Update instructions for Linux IPsec/L2TP VPN clients
 2018-12-10 21:51:47 -06:00
hwdsl2
b0a7cb3eaa Update docs 
- Add instructions for Ubuntu IPsec/L2TP VPN clients
- Cleanup
 2018-12-10 00:33:46 -06:00
hwdsl2
9756ef92fa Update docs 
- Add troubleshooting section on iOS/Android sleep mode
 2018-12-01 12:31:06 -06:00
hwdsl2
ff82c3fb6e Improve VPN ciphers 
- Optimize order of VPN ciphers for performance
 2018-11-24 10:30:42 -06:00
hwdsl2
582f98d18c Update docs 2018-11-23 11:52:38 -06:00
hwdsl2
60b65bac19 Update docs 
- Update docs for managing VPN users
 2018-11-23 00:21:47 -06:00
hwdsl2
83b0663318 Add more helper scripts 
- Create additional helper scripts for managing VPN users
- Update docs
- Closes: #355
 2018-11-22 16:49:56 -06:00
hwdsl2
b979d1f15d Add helper script 
- Create a helper script for updating VPN users
- Update docs
 2018-11-22 02:46:28 -06:00
hwdsl2
3a63cc4f24 Update docs 
- Update Ubuntu package name for L2TP kernel module. Ref: #482
- Cleanup
 2018-11-20 16:12:44 -06:00
hwdsl2
ed997dd190 Update docs 2018-11-16 13:05:29 -06:00
hwdsl2
7c6563d581 Update docs 
- Add info about IPv6 traffic
- Closes #480. Thanks @sunfeilong!
 2018-11-09 18:47:34 -06:00
hwdsl2
442458193a Update docs 
- Add Windows PowerShell commands for creating a VPN connection
- Closes #478. Thanks @nzbart!
 2018-11-09 00:00:58 -06:00
hwdsl2
593bb3eea0 Update docs 2018-11-07 00:40:24 -06:00
hwdsl2
273ebe0487 Update docs 2018-11-05 07:47:09 -06:00
hwdsl2
4ee2814358 Update IKEv2 docs 2018-11-04 11:43:46 -06:00
hwdsl2
23458655ac Update IKEv2 docs 
- Add "pfs=no" to fix IKEv2 disconnect issues (at 8 mins) on iOS/macOS
- Replace "fragmentation" with "ike-frag" for compatibility
- Fixes #474
- Ref: https://github.com/libreswan/libreswan/issues/222
- Ref: http://www.openradar.appspot.com/29821241
 2018-11-04 00:59:01 -05:00
hwdsl2
f1c8c06af1 Improve VPN ciphers 
- Replace "aes_gcm256-null,aes_gcm128-null" with "aes_gcm-null" to
  improve compatibility with some Linux kernels
- Ref: https://libreswan.org/wiki/FAQ#Using_aes_gcm_or_aes_ctr_results_in_ERROR:_netlink_response_for_Add_SA_esp.XXXXXXXX.40IPADDRESS_included_errno_22:_Invalid_argument
 2018-11-02 01:54:49 -05:00
hwdsl2
ce895e7116 Update IKEv2 docs 
- Change 'mobike' from 'yes' to 'no' by default, because it is not
  available on Ubuntu and can prevent the IKEv2 config from loading
 2018-11-02 01:30:11 -05:00
hwdsl2
e797493a17 Update IKEv2 docs 2018-10-30 00:00:08 -05:00
hwdsl2
ccc93a8c96 Update docs 2018-10-29 01:27:04 -05:00
hwdsl2
5f75a7306a Improve VPN ciphers 
- Revert 'sha2-truncbug' from 'no' to 'yes' to fix compatibility with
  Android versions 6.x and 7.x.
- Remove aes128-sha2_512 algorithm
- Ref: 732ad1e
 2018-10-28 00:33:42 -05:00
hwdsl2
732ad1e941 Improve VPN ciphers 
- Optimize VPN ciphers and their order for improved security and
  compatibility with different OS. Remove 3DES algorithm
- Change 'sha2-truncbug' from 'yes' to 'no'
- Update docs
 2018-10-27 00:53:19 -05:00
hwdsl2
2f9f5c39de Update IKEv2 docs 
- Add known issue about multiple IKEv2 clients from behind the same NAT
- Ref: #469
 2018-10-26 15:16:39 -05:00
hwdsl2
f05bf90dbc Update IKEv2 docs 
- Enable MOBIKE option for Libreswan 3.23 and newer
- Add AES-GCM cipher for improved performance
 2018-10-25 01:07:56 -05:00
hwdsl2
0442d25217 Update IKEv2 docs 2018-10-21 20:52:05 -05:00
hwdsl2
804211c101 Cleanup 2018-10-21 00:20:54 -05:00
hwdsl2
599eb1aa8a Update IKEv2 docs 
- Add IKEv2 instructions for OS X (macOS) clients
- Cleanup
 2018-10-16 20:29:07 -05:00
hwdsl2
9c529435cf Fix IKEv2 docs 
- Fixed an issue with address pool clashing by reverting to
  rightaddresspool=192.168.43.10-192.168.43.250
- Replaced "Example" with "IKEv2 VPN" for clarity
- Closes #465
 2018-10-14 23:53:06 -05:00
hwdsl2
26ef49b099 Update IKEv2 docs 
- Add instructions for iOS (iPhone/iPad). Thanks @zzuzjl for the
  suggestion!
- Change IKEv2 address pool to 192.168.43.150-192.168.43.250 to help
  avoid conflict with IPsec/XAuth
- Closes #453. Closes #461
- Cleanup
 2018-10-13 14:26:09 -05:00
hwdsl2
20f57975b3 Update docs 
- Add notes for the faster IPsec/XAuth and IKEv2 modes
- Cleanup
 2018-09-30 18:36:42 -05:00
hwdsl2
7d4ac79259 Update IKEv2 docs 
- Re-add Android instructions to IKEv2 docs because it is fixed in
  Libreswan 3.26
- Ref: 964b793 #307
- Cleanup
 2018-09-22 01:58:58 -05:00
hwdsl2
5d3f4eb7e6 Update docs 
- Update README and IKEv2 docs for Libreswan 3.26
 2018-09-21 23:56:16 -05:00
hwdsl2
716bdad687 Update docs 
- Add troubleshooting sections for Windows 10 version 1803 and macOS
  IPsec/L2TP mode "Send all traffic"
- Cleanup
- Ref: #442 #376
 2018-09-14 00:01:00 -05:00
hwdsl2
7ce65083af Update IKEv2 docs 
- Skip the "random keystrokes" step when generating certificates
  (use /dev/urandom instead)
- Cleanup
 2018-09-06 00:22:31 -05:00
hwdsl2
89e105fcda Update docs 
- Closes #433
 2018-09-04 00:51:58 -05:00
hwdsl2
c8e1bbe6d0 Update docs 
- Add note for Windows 10 upgrade issues. Closes #376
- Add note for Android VPN troubleshooting. Ref: #416
 2018-07-17 00:23:14 -05:00
hwdsl2
b8088d3934 Improve EPEL repo 
- Improve handling of the EPEL repository. Although uncommon, some systems
  can have epel-release installed but disabled in /etc/yum.repos.d/epel.repo
- Fixes #210
 2018-07-04 20:07:32 -05:00
hwdsl2
94ca6536c8 Update docs 
- Fix/Update links
- Add reg files for Windows Error 809 fix
- Move Linux client instructions
 2018-05-13 15:26:14 -05:00
hwdsl2
9417d26afd Update docs 
- Improve Chromebook troubleshooting section
 2018-05-10 00:11:59 -05:00
hwdsl2
05847255e5 Update docs 
- Fix Shrew Soft VPN Client instructions
- Tested and working in Windows 7
- Closes #326
- Closes #379
 2018-05-09 02:46:03 -05:00
hwdsl2
964b7934aa Update IKEv2 docs 
- Add rightid=%fromcert to ipsec.conf
- Remove strongSwan Android VPN client instructions due to issues (#307)
 2018-05-08 03:11:48 -05:00
hwdsl2
a3ee9ce033 Update docs 2018-05-08 01:05:22 -05:00
hwdsl2
17ca2ee87f Update docs 2018-05-05 19:37:33 -05:00
hwdsl2
0c6cb4b8a9 Update year 2018-05-05 18:49:38 -05:00
hwdsl2
36208fa4ca Update docs 2018-02-17 10:05:34 -06:00
hwdsl2
43dbac6c3c Update docs 2018-02-11 00:37:00 -06:00
hwdsl2
70c6d6b540 Various clean up 2017-11-01 01:01:49 -05:00
hwdsl2
68a6375399 Update docs 2017-10-27 01:02:03 -05:00
Any
e316c8cdf8 Troubleshooting error 728 (#250) 
* Update docs
 2017-10-27 00:35:51 -05:00
hwdsl2
087306dbf5 Update docs 2017-10-02 21:55:21 -05:00
hwdsl2
f8414c40f6 Update images 
- Update VPN properties screenshots for MS-CHAP v2
 2017-09-25 18:59:04 -05:00
hwdsl2
bc0324f957 Improve IKEv2 docs 
- Make it clear how to use the VPN server's DNS name to connect
 2017-06-03 14:53:45 -05:00
hwdsl2
47a9015135 Improve VPN ciphers 
- Add 3des-sha2 to allowed VPN ciphers, and clean up
 2017-06-02 14:24:55 -05:00
hwdsl2
654ddcdfa4 Update docs 2017-05-30 15:01:26 -05:00
hwdsl2
d437f7044d Update docs 
- Add troubleshooting notes for Chromebook users
- Closes #147
 2017-05-16 16:05:25 -05:00
hwdsl2
7aeae4c8b8 Update docs 2017-05-05 10:37:45 -05:00