Marown/setup-ipsec-vpn
1
0
Fork 0
mirror of https://github.com/hwdsl2/setup-ipsec-vpn.git synced 2024-06-30 09:35:44 +02:00
Code Issues Packages Projects Releases Wiki Activity
1,173 Commits 1 Branch 0 Tags 20 MiB
6b6ad1cbd8
Commit Graph

328 Commits

Author SHA1 Message Date
hwdsl2
6b6ad1cbd8 Update IKEv2 script 
- Add a check for OpenSSL 3 when creating client configuration.
 2022-07-26 23:55:14 -05:00
hwdsl2
5efff22b1a Update IKEv2 script 
- Update NSS workaround for Ubuntu 18.04 with new package versions
 2022-07-09 22:29:35 -05:00
hwdsl2
35969d2bbb Update Alpine Linux versions 
- Add Alpine Linux 3.16 and remove 3.14.
 2022-06-19 22:41:21 -05:00
hwdsl2
39bdb36484 Update IKEv2 script 
- Add Alpine Linux 3.16 and remove 3.14.
 2022-06-19 22:17:13 -05:00
hwdsl2
001b363a07 Update IKEv2 script 
- Disable MOBIKE when running on Synology NAS. MOBIKE is not supported
  on these systems and prevents IKEv2 from working if enabled.
  Ref: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/298
 2022-06-18 01:27:17 -05:00
hwdsl2
8cf4cc3825 Update IKEv2 script 
- Update workaround for newer NSS and openssl versions to include
  Debian testing in addition to Ubuntu 22.04.
  Ref: #1184
 2022-06-18 01:20:49 -05:00
hwdsl2
d36c435c95 Improve IPsec config 
- IKEv2 mode uses retransmit-timeout instead of dpdtimeout.
- Increase timeouts from 120s to 300s, so that the VPN server can
  keep the VPN connection open if the client's network is unstable.
 2022-06-15 00:28:21 -05:00
hwdsl2
0e24f8b086 Cleanup 2022-06-09 13:44:16 -05:00
hwdsl2
593f726c80 Cleanup 2022-06-07 22:48:40 -05:00
hwdsl2
41d37e808e Cleanup 2022-06-07 00:37:31 -05:00
hwdsl2
6e6d01dcf7 Improve IPTables rules 
- Improve IPTables rules for IPsec VPN setup on systems such as CentOS 8.
  Do not add a DROP rule to the IPTables FORWARD chain if firewalld is
  active, so that existing firewalld FORWARD rules can continue to work.
 2022-06-05 00:02:22 -05:00
hwdsl2
7b9813d562 Cleanup 2022-05-27 01:12:37 -05:00
hwdsl2
34d9ad06d5 New Libreswan version 
- Support upgrading to Libreswan 4.7.
 2022-05-25 23:59:21 -05:00
hwdsl2
ffb22c4858 Cleanup 2022-05-23 22:08:30 -05:00
hwdsl2
dce25ada28 Update IKEv2 script 
- Add a note about OpenVPN and WireGuard which can be optionally
  installed alongside IPsec VPN.
 2022-05-23 08:22:53 -05:00
hwdsl2
0e08b79342 Improve VPN setup 
- When uninstalling, leave IP forwarding enabled if OpenVPN
  or WireGuard is installed on the system.
 2022-05-20 20:05:10 -05:00
hwdsl2
1aa2d87e01 Update IKEv2 script 
- Update NSS workaround for Ubuntu 18.04 with new package versions
 2022-05-13 09:27:22 -05:00
hwdsl2
62d85490de Improve VPN setup 
- On Alpine Linux, update crontabs when uninstalling the VPN.
  These cron jobs are for restarting the ipsec service on failure.
  Ref: 15d8651
 2022-05-13 09:26:08 -05:00
hwdsl2
9ab949d61d Cleanup 2022-05-10 09:03:00 -05:00
hwdsl2
932e05985f Improve VPN setup 
- Remove the reboot recommendation when uninstalling using
  the helper script.
- Set net.ipv4.conf.all.rp_filter to 1 in vpnuninstall.sh.
  Ref: https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt
 2022-05-08 08:31:14 -05:00
hwdsl2
81d26c08fa Update IKEv2 script 
- Add a check for IKEv2-only mode before removing IKEv2.
 2022-05-08 02:59:28 -05:00
hwdsl2
eed8e236a3 Cleanup 2022-05-08 02:43:47 -05:00
hwdsl2
c66ca577f3 Update links 
- Update links due to git.io deprecation.
  Ref: https://github.blog/changelog/2022-04-25-git-io-deprecation/
 2022-04-29 22:32:22 -05:00
hwdsl2
cc709766e9 Update links 
- Update links due to git.io deprecation.
  Ref: https://github.blog/changelog/2022-04-25-git-io-deprecation/
 2022-04-28 08:24:22 -05:00
hwdsl2
b2626dc921 Cleanup 2022-04-27 00:05:45 -05:00
hwdsl2
a1ab13d9a9 Improve VPN setup 
- Add fallback URLs for improved reliability
 2022-04-11 22:36:43 -05:00
hwdsl2
78517c43c9 Update IKEv2 script 
- New: Delete an IKEv2 client certificate using the IKEv2 helper script.
- Cleanup
 2022-04-06 22:49:20 -05:00
hwdsl2
3bd9acf6ea Cleanup 2022-04-05 23:39:42 -05:00
hwdsl2
37b2ba3559 Update IKEv2 script 
- Show total when listing IKEv2 clients
- Cleanup
 2022-04-05 23:38:43 -05:00
hwdsl2
629b39d3b3 Add Oracle Linux 
- Add support for Oracle Linux 8 and 7.
 2022-03-20 23:10:11 -05:00
hwdsl2
9e58aace48 Cleanup 2022-03-20 10:06:25 -05:00
hwdsl2
3a5d46653d Update IKEv2 script 
- Add a workaround for Ubuntu 22.04 "password is incorrect" issue
  when importing IKEv2 client config files into iOS and macOS devices.
- Ubuntu 22.04 uses OpenSSL 3, which has a default "openssl pkcs12"
  encoding algorithm that is incompatible with iOS and macOS devices.
  Ref: https://developer.apple.com/forums/thread/697030?answerId=701291022#701291022
 2022-03-20 02:49:09 -05:00
hwdsl2
d794fe0772 Cleanup 2022-03-20 00:14:25 -05:00
hwdsl2
742e43ffcd Cleanup 2022-03-18 21:52:20 -05:00
hwdsl2
be02488fcd Improve VPN setup 
- Remove add/delete user helper scripts during VPN uninstall.
 2022-03-13 18:15:52 -05:00
hwdsl2
a891b7613c Fix for Alpine Linux 
- Fix IPsec service on Alpine Linux. Fixes #1123.
- Clean up unneeded /etc/rc.local code for this OS.
 2022-03-12 23:55:32 -06:00
hwdsl2
d2321d76af Check VPN subnets 
- Check for custom VPN subnet(s) in the uninstall script. This is for
  the uncommon cases where VPN subnet(s) were customized during setup.
 2022-03-12 17:08:00 -06:00
hwdsl2
beb756f1f2 Remove CentOS 8 
- Remove support for CentOS Linux 8, which is EOL.
  Ref: https://www.centos.org/centos-linux-eol/
 2022-03-08 21:39:19 -06:00
hwdsl2
e5703d8aaa Cleanup 2022-03-07 21:29:13 -06:00
hwdsl2
65b3f54ff9 Cleanup 2022-03-06 09:38:38 -06:00
hwdsl2
6f4080bab4 Improve VPN setup 
- Refactor VPN scripts to move IKEv2 setup inside vpnsetup_*.sh
 2022-03-03 22:05:09 -06:00
hwdsl2
6850aa7f3b Update IKEv2 script 
- Change the warning for parameter "--auto" to an error, in cases
  that IKEv2 is already set up on the server.
 2022-03-02 21:46:15 -06:00
hwdsl2
d37a2fb811 Improve quick start script 
- The VPN quick start script now supports most of the environment
  variables (such as VPN_DNS_SRV1) that are currently supported by
  vpnsetup.sh and ikev2.sh. This change enables customization by
  advanced users when running the quick start script.
 2022-02-25 23:41:49 -06:00
hwdsl2
f7c5ecf504 Update IKEv2 script 
- Create a client config README file under certain circumstances,
  such as when setting up IKEv2 automatically and users might not
  see the script's output.
 2022-02-25 23:25:34 -06:00
hwdsl2
32a55ec06a Update IKEv2 script 
- Make IKEv2 client address pool customizable using VPN_XAUTH_POOL,
  similar to vpnsetup.sh. This is for advanced users only.
 2022-02-25 21:17:09 -06:00
hwdsl2
88c86c0191 Update IKEv2 script 
- Show the option to protect IKEv2 client config files only during
  IKEv2 setup, not when adding or exporting a client.
- Cleanup
 2022-02-20 21:45:11 -06:00
hwdsl2
42c8d288e2 Cleanup 
- Improve backup of VPN config files
 2022-02-18 21:42:37 -06:00
hwdsl2
58e82552ae Update IKEv2 script 
- Minor improvements and cleanup
 2022-02-17 21:36:19 -06:00
hwdsl2
3d817c7fd4 Update IKEv2 script 
- Cleanup
 2022-02-15 21:17:47 -06:00
hwdsl2
4bc8fba344 Update IKEv2 script 
- Display a note if no password is required when importing client
  config files.
- Advanced users can now define VPN_PROTECT_CONFIG=yes when setting up
  IKEv2, if they want to protect client config files with a password.
 2022-02-15 21:15:08 -06:00