setup-ipsec-vpn/docs/clients.md
2016-05-10 23:26:48 -05:00

Configure IPsec/L2TP VPN Clients

Note: These instructions were adapted from the Streisand project by Joshua Lund and contributors. License: GPLv3

After setting up your own VPN server, follow these steps to configure your devices. IPsec/L2TP is natively supported by Android, iOS, OS X, and Windows. There is no additional software to install. Setup should only take a few minutes. In case you are unable to connect, first check to make sure the VPN credentials were entered correctly.


Windows

  1. Click on the Start Menu and go to the Control Panel.
  2. Go to the Network and Internet section.
  3. Click View network status and tasks.
  4. Click Set up a new connection or network.
  5. Select Connect to a workplace and click Next.
  6. Click Use my Internet connection (VPN).
  7. Enter Your VPN Server IP in the Internet address field.
  8. Enter anything you like in the Destination name field.
  9. Check the Don't connect now; just set it up so I can connect later checkbox.
  10. Click Next.
  11. Enter Your VPN Username in the User name field.
  12. Enter Your VPN Password in the Password field.
  13. Check the Remember this password checkbox.
  14. Click Connect, then click the Close button.
  15. Return to the Control Panel's Network and Internet section and click on the Connect to a network option.
  16. Right-click on the new VPN connection and choose Properties.
  17. Click the Options tab and uncheck Include Windows logon domain.
  18. Click the Security tab and select Layer 2 Tunneling Protocol with IPsec (L2TP/IPSec) from the Type of VPN drop-down menu. Under "Allow these protocols", check the CHAP checkbox, and uncheck MS-CHAP v2.
  19. Click the Advanced settings button.
  20. Select Use preshared key for authentication and enter Your IPsec PSK for the Key.
  21. Click OK to close the Advanced settings.
  22. Click OK to save the VPN connection details.
  23. This one-time registry change is required if the VPN server and/or client is behind NAT (e.g. home router). Please follow instructions in the linked article, and reboot your computer when done.

To connect to the VPN, simply right-click on the wireless/network icon in your system tray, select the new VPN connection, and click Connect. You can verify that your traffic is being routed properly by looking up your IP address on Google. It should say "Your public IP address is Your VPN Server IP".

OS X

  1. Open System Preferences and go to the Network section.
  2. Click the + button in the lower-left corner of the window.
  3. Select VPN from the Interface drop-down menu.
  4. Select L2TP over IPSec from the VPN Type drop-down menu.
  5. Enter anything you like for the Service Name.
  6. Click Create.
  7. Enter Your VPN Server IP for the Server Address.
  8. Enter Your VPN Username for the Account Name.
  9. Click the Authentication Settings button.
  10. In the User Authentication section, select the Password radio button and enter Your VPN Password as its value.
  11. In the Machine Authentication section, select the Shared Secret radio button and enter Your IPsec PSK as its value.
  12. Click OK.
  13. Check the Show VPN status in menu bar checkbox.
  14. Click the Advanced button and make sure the Send all traffic over VPN connection checkbox is selected.
  15. Click the TCP/IP tab, and make sure Link-local only is selected in the Configure IPv6 section.
  16. Click OK to close the Advanced settings, and then click Apply to save the VPN connection information.

You can connect to the VPN using the VPN icon in the menu bar, or by selecting the VPN in the Network section of System Preferences and choosing Connect. You can verify that your traffic is being routed properly by looking up your IP address on Google. It should say "Your public IP address is Your VPN Server IP".

Android

  1. Launch the Settings application.
  2. Tap More... in the Wireless & Networks section.
  3. Tap VPN.
  4. Tap the + icon in the top-right of the screen.
  5. Enter anything you like in the Name field.
  6. Select L2TP/IPSec PSK in the Type drop-down menu.
  7. Enter Your VPN Server IP in the Server address field.
  8. Enter Your IPsec PSK in the IPSec pre-shared key field.
  9. Tap Save.
  10. Tap the new VPN connection.
  11. Enter Your VPN Username in the Username field.
  12. Enter Your VPN Password in the Password field.
  13. Check the Save account information checkbox.
  14. Tap Connect.

Note for Android 6 (Marshmallow) users: On the VPN server, edit the file /etc/ipsec.conf and append ,aes256-sha2_256 to both ike= and phase2alg= lines. Then add a new line sha2-truncbug=yes after those. Indent lines with two spaces. When finished, save the file and run service ipsec restart.
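
The edit described in the note above can be scripted so that it is safe to run more than once. The following is an added example, not part of the project's own scripts; the function names and the sample config contents are constructed for illustration, and it writes the patched config to stdout so it can be reviewed before it replaces /etc/ipsec.conf.

```shell
#!/bin/sh
# Added example (not from the project): apply the Android 6 change idempotently.
# patch_ipsec_conf reads an ipsec.conf from $1 and writes the patched config
# to stdout; the original file is never modified in place.
patch_ipsec_conf() {
  awk -v add=',aes256-sha2_256' '
    # Drop any existing sha2-truncbug line; it is re-emitted below, which
    # keeps repeated runs from stacking duplicates.
    /^[ \t]*sha2-truncbug=/ { next }
    /^[ \t]*(ike|phase2alg)=/ {
      sub(/[ \t]+$/, "")                       # trim trailing whitespace
      if (index($0, "aes256-sha2_256") == 0)   # append only if missing
        $0 = $0 add
      print
      key = $0; sub(/^[ \t]*/, "", key); sub(/=.*/, "", key)
      seen[key] = 1
      if (seen["ike"] && seen["phase2alg"]) {  # both lines handled
        print "  sha2-truncbug=yes"            # two-space indent, per the note
        delete seen["ike"]; delete seen["phase2alg"]
      }
      next
    }
    { print }
  ' "$1"
}

# Constructed sample config for the demo (not the project's real file).
make_sample() {
  cat > "$1" <<'EOF'
conn shared
  left=%defaultroute
  ike=3des-sha1,aes-sha1
  phase2alg=3des-sha1,aes-sha1

conn l2tp-psk
  auto=add
EOF
}

# Show the change as a unified diff against the sample.
demo() {
  tmp=$(mktemp -d) || return 1
  make_sample "$tmp/ipsec.conf"
  patch_ipsec_conf "$tmp/ipsec.conf" > "$tmp/ipsec.conf.new"
  diff -u "$tmp/ipsec.conf" "$tmp/ipsec.conf.new" || true
  rm -rf "$tmp"
}
demo
```

On a real server, run patch_ipsec_conf against a backup copy of /etc/ipsec.conf, review the diff, install the result, and then run service ipsec restart as the note says.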

Once connected, you will see a VPN icon in the notification bar. You can verify that your traffic is being routed properly by looking up your IP address on Google. It should say "Your public IP address is Your VPN Server IP".

iOS

  1. Go to Settings -> General -> VPN.
  2. Tap Add VPN Configuration....
  3. Tap Type.
  4. Select L2TP and go back.
  5. Tap Description and enter anything you like.
  6. Tap Server and enter Your VPN Server IP.
  7. Tap Account and enter Your VPN Username.
  8. Tap Password and enter Your VPN Password.
  9. Tap Secret and enter Your IPsec PSK.
  10. Tap Done.
  11. Slide the VPN switch on.

Once connected, you will see a VPN icon in the status bar. You can verify that your traffic is being routed properly by looking up your IP address on Google. It should say "Your public IP address is Your VPN Server IP".

Chromebook

  1. If you haven't already, sign in to your Chromebook.
  2. Click the status area, where your account picture appears.
  3. Click Settings.
  4. In the Internet connection section, click Add connection.
  5. Click Add OpenVPN / L2TP.
  6. Enter Your VPN Server IP for the Server hostname.
  7. Enter anything you like for the Service name.
  8. Make sure Provider type is L2TP/IPSec + pre-shared key.
  9. Enter Your IPsec PSK for the Pre-shared key.
  10. Enter Your VPN Username for the Username.
  11. Enter Your VPN Password for the Password.
  12. Click Connect.

Once connected, you will see a VPN icon overlay on the network status icon. You can verify that your traffic is being routed properly by looking up your IP address on Google. It should say "Your public IP address is Your VPN Server IP".