Difference between revisions of "Infrastructure:IPsec"
imported>Echarlie |
imported>Pew |
||
(13 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
− | Currently, vtluug has a [https://www.strongswan.org/about.html strongSwan] IPsec/L2TP server running on | + | Currently, vtluug has a [https://www.strongswan.org/about.html strongSwan] [[IPsec]]/L2TP server running on |
[[Infrastructure:Acidburn|Acidburn]]. This server was configured using philpl's | [[Infrastructure:Acidburn|Acidburn]]. This server was configured using philpl's | ||
[https://github.com/philpl/setup-strong-strongswan script] hosted on [[Project hosting|Github]] | [https://github.com/philpl/setup-strong-strongswan script] hosted on [[Project hosting|Github]] | ||
+ | == Administration == | ||
+ | === Setup === | ||
− | [[Category: | + | Setup mostly involves running the script<ref>https://github.com/philpl/setup-strong-strongswan</ref>, |
+ | however there are options which can be configured afterwards. The script will prompt for a user, password, | ||
+ | and Key on first run, and any subsequent runs will simply update the vpn. | ||
+ | |||
+ | It provides a startup script in /etc/init.d, which can be launched by systemd. | ||
+ | |||
+ | === Adding users === | ||
+ | |||
+ | Users can be added to /etc/ppp/chap-secrets, which ''should'' provide them with a password and username. | ||
+ | |||
+ | == Use == | ||
+ | === Connecting === | ||
+ | |||
+ | ==== iPhone ==== | ||
+ | |||
+ | The iPhone integrated VPN support will allow for connection to the VPN | ||
+ | <!-- add screenshots --> | ||
+ | |||
+ | ==== Android ==== | ||
+ | |||
+ | https://play.google.com/store/apps/details?id=org.strongswan.android | ||
+ | |||
+ | This app should allow for connections from android. The author of this article has not tested this. | ||
+ | |||
+ | ==== Network Manager ==== | ||
+ | |||
+ | ==== netctl ==== | ||
+ | |||
+ | |||
+ | == References== | ||
+ | |||
+ | [[Category:VTLUUG:Projects]] | ||
+ | [[Category:Infrastructure]] | ||
+ | [[Category:Needs restoration]] |
Latest revision as of 06:30, 4 January 2018
Currently, vtluug has a strongSwan IPsec/L2TP server running on Acidburn. This server was configured using philpl's script hosted on Github
Contents
Administration
Setup
Setup mostly involves running the script[1], however there are options which can be configured afterwards. The script will prompt for a user, password, and Key on first run, and any subsequent runs will simply update the vpn.
It provides a startup script in /etc/init.d, which can be launched by systemd.
Adding users
Users can be added to /etc/ppp/chap-secrets, which should provide them with a password and username.
Use
Connecting
iPhone
The iPhone integrated VPN support will allow for connection to the VPN
Android
https://play.google.com/store/apps/details?id=org.strongswan.android
This app should allow for connections from android. The author of this article has not tested this.