Marown/setup-ipsec-vpn
1
0
Fork 0
mirror of https://github.com/hwdsl2/setup-ipsec-vpn.git synced 2024-06-30 09:35:44 +02:00
Code Issues Packages Projects Releases Wiki Activity
1,016 Commits 1 Branch 0 Tags 20 MiB
d2da364e16
Commit Graph

290 Commits

Author SHA1 Message Date
hwdsl2
e5703d8aaa Cleanup 2022-03-07 21:29:13 -06:00
hwdsl2
65b3f54ff9 Cleanup 2022-03-06 09:38:38 -06:00
hwdsl2
6f4080bab4 Improve VPN setup 
- Refactor VPN scripts to move IKEv2 setup inside vpnsetup_*.sh
 2022-03-03 22:05:09 -06:00
hwdsl2
6850aa7f3b Update IKEv2 script 
- Change the warning for parameter "--auto" to an error, in cases
  that IKEv2 is already set up on the server.
 2022-03-02 21:46:15 -06:00
hwdsl2
d37a2fb811 Improve quick start script 
- The VPN quick start script now supports most of the environment
  variables (such as VPN_DNS_SRV1) that are currently supported by
  vpnsetup.sh and ikev2.sh. This change enables customization by
  advanced users when running the quick start script.
 2022-02-25 23:41:49 -06:00
hwdsl2
f7c5ecf504 Update IKEv2 script 
- Create a client config README file under certain circumstances,
  such as when setting up IKEv2 automatically and users might not
  see the script's output.
 2022-02-25 23:25:34 -06:00
hwdsl2
32a55ec06a Update IKEv2 script 
- Make IKEv2 client address pool customizable using VPN_XAUTH_POOL,
  similar to vpnsetup.sh. This is for advanced users only.
 2022-02-25 21:17:09 -06:00
hwdsl2
88c86c0191 Update IKEv2 script 
- Show the option to protect IKEv2 client config files only during
  IKEv2 setup, not when adding or exporting a client.
- Cleanup
 2022-02-20 21:45:11 -06:00
hwdsl2
42c8d288e2 Cleanup 
- Improve backup of VPN config files
 2022-02-18 21:42:37 -06:00
hwdsl2
58e82552ae Update IKEv2 script 
- Minor improvements and cleanup
 2022-02-17 21:36:19 -06:00
hwdsl2
3d817c7fd4 Update IKEv2 script 
- Cleanup
 2022-02-15 21:17:47 -06:00
hwdsl2
4bc8fba344 Update IKEv2 script 
- Display a note if no password is required when importing client
  config files.
- Advanced users can now define VPN_PROTECT_CONFIG=yes when setting up
  IKEv2, if they want to protect client config files with a password.
 2022-02-15 21:15:08 -06:00
hwdsl2
f072e8312a Update IKEv2 script 
- Cleanup
 2022-02-14 23:45:13 -06:00
hwdsl2
7c0d08442e Update IKEv2 script 
- Improve backward compatibility: Protect IKEv2 client config files
  using a password if one was previously generated.
- Ref: dbc3527
 2022-02-14 03:46:06 -06:00
hwdsl2
444403ba10 Add IKEv2 change address helper script 
- New: IKEv2 change address helper script. This script can be used
  to change the IKEv2 VPN server's address.
 2022-02-13 23:41:35 -06:00
hwdsl2
f815d6810a Update IKEv2 script 
- Minor improvement for IKEv2 config passwords
 2022-02-12 16:16:46 -06:00
hwdsl2
5c85b5693c Cleanup 
- Change the default action to 'continue' in VPN scripts
 2022-02-12 12:24:26 -06:00
hwdsl2
fb85eae7ba Update IKEv2 script 
- Add an option to protect IKEv2 client config files using a password,
  which users can select when customizing IKEv2 or client options
  Ref: dbc3527
- Change the default action to 'continue' when confirming IKEv2 setup
  options
- Other minor improvements
 2022-02-12 12:12:51 -06:00
hwdsl2
dbc3527448 Simplify IKEv2 import 
- Simplify IKEv2 configuration import: Remove passwords for IKEv2
  client config files. When importing, it is no longer required to
  enter a config file password.
- For macOS and iOS, .mobileconfig files require a password to work.
  The password is now included so there is no need to manually enter.
- Note: Client config files should be securely transferred from
  the VPN server to VPN client device(s) for import.
 2022-02-12 01:21:12 -06:00
hwdsl2
d20f82e6f2 Update IKEv2 script 
- Minor improvement to IKEv2 config password retrieval
 2022-02-11 21:50:00 -06:00
hwdsl2
1da1493f53 Cleanup 2022-02-10 21:49:49 -06:00
hwdsl2
6dbc47e0db Improve upgrade scripts 
- Stop IPsec service before updating Libreswan
 2022-02-08 23:46:11 -06:00
hwdsl2
86d4f2f93c Improve VPN setup 
- Retry certain 'apt-get' and 'yum' commands on failure
 2022-02-08 23:24:46 -06:00
hwdsl2
4ebe582d36 Update IKEv2 script 
- Fix function name
 2022-01-29 17:33:42 -06:00
hwdsl2
40d8a26713 Update IKEv2-only mode script 
- Improve Libreswan version test
 2022-01-29 14:46:10 -06:00
hwdsl2
2270d66e02 Update IKEv2 script 
- Improve Libreswan version test
 2022-01-29 14:12:50 -06:00
hwdsl2
14af993d6a Update IKEv2 script 
- Cleanup
 2022-01-29 12:36:03 -06:00
hwdsl2
35c23f1144 Improve upgrade scripts 
- Make specifying Libreswan version optional. Retrieve and install
  the latest supported version by default.
- Other minor improvements
 2022-01-29 12:34:10 -06:00
hwdsl2
e16151f183 Improve upgrade scripts 
- Cleanup
 2022-01-29 01:47:45 -06:00
hwdsl2
c2d7eef27c Update IKEv2 script 
- Cleanup
 2022-01-29 01:30:21 -06:00
hwdsl2
0f27ebbfad Update IKEv2 script 
- Update Libreswan version check
- Cleanup
 2022-01-23 00:05:44 -06:00
hwdsl2
c56ebe9cfe Improve upgrade scripts 
- Make specifying Libreswan version optional in vpnupgrade.sh.
  Install the latest supported version by default.
- Remove Libreswan version check
 2022-01-22 22:30:39 -06:00
hwdsl2
5b1377dcf3 Cleanup 2022-01-22 21:34:53 -06:00
hwdsl2
6393470f46 Cleanup 2022-01-15 23:41:00 -06:00
hwdsl2
62723fe0c6 Update IKEv2 script 
- When upgrading Libreswan using vpnupgrade.sh, also update the
  IKEv2 helper script to the latest version.
 2022-01-13 23:47:27 -06:00
hwdsl2
18b830c998 New Libreswan version 
- Support updating to Libreswan 4.6
 2022-01-11 22:47:18 -06:00
hwdsl2
4403c9c241 Update Alpine scripts 
- Install nss, nss-tools and nss-dev from 3.14/3.15 repository.
  It is not necessary to install from edge because the latest
  3.14/3.15 nss related packages are already patched to fix
  CVE-2021-43527.
  Ref: https://git.alpinelinux.org/aports/tree/community/nss?h=3.15-stable
       https://git.alpinelinux.org/aports/tree/community/nss?h=3.14-stable
       603b198
 2022-01-05 19:33:08 -06:00
hwdsl2
34ba47e79b Update VPN user scripts 
- Sort VPN usernames when listing users
- Cleanup
 2022-01-04 23:11:05 -06:00
hwdsl2
abbf19f296 Update IKEv2 script 
- Sort IKEv2 client names when listing existing clients
- Cleanup
 2022-01-04 23:10:28 -06:00
hwdsl2
c25baaf9a9 Cleanup 2022-01-04 23:01:14 -06:00
hwdsl2
3c22bbbeb6 Update IKEv2 script 
- Fix IKEv2 "password is incorrect" issue when using Ubuntu 21.10
  Fixes #1073. Ref: #1048.
- Note: Ubuntu 21.10 is NOT a supported OS for the VPN setup scripts.
  Please use e.g. Ubuntu 20.04 instead.
  Ref: https://github.com/hwdsl2/setup-ipsec-vpn#requirements
 2022-01-02 21:52:47 -06:00
hwdsl2
c0a81ceb5b Add IKEv2-only mode script 
- New: Helper script to enable or disable IKEv2-only mode
 2022-01-02 01:01:02 -06:00
hwdsl2
c78b398057 Update year 2022-01-02 00:09:03 -06:00
hwdsl2
8f55500f0f Improve VPN user scripts 
- Improve helper scripts for managing VPN users.
- Support running add_vpn_user.sh and del_vpn_user.sh interactively
  without arguments.
 2021-12-30 15:47:49 -06:00
hwdsl2
603b198613 Add Alpine 3.15 
- Add support for Alpine Linux 3.15
- Install nss, nss-tools and nss-dev packages from edge for CVE-2021-43527
  Ref: https://lists.libreswan.org/pipermail/swan-announce/2021/000044.html
 2021-12-29 23:12:24 -06:00
hwdsl2
a323b13512 Update IKEv2 script 
- Update Ubuntu 18.04 NSS fix with newer package versions.
  Ref: https://ubuntu.com/security/CVE-2021-43527
 2021-12-29 20:28:15 -06:00
hwdsl2
bbdb9b13f9 Update IKEv2 script 
- Add Alpine Linux 3.15
 2021-12-29 18:48:47 -06:00
hwdsl2
bc312e0736 Update IKEv2 script 
- Show client certificate statuses when listing IKEv2 clients
- Fixes #1038
 2021-11-07 00:13:42 -05:00
hwdsl2
dccfa65a08 Update IKEv2 script 
- Minor fix
 2021-10-10 14:30:34 -05:00
hwdsl2
b129339927 Cleanup 2021-09-22 00:04:58 -05:00