Difference between revisions of "Infrastructure:IPsec"

From the Linux and Unix Users Group at Virginia Teck Wiki
Jump to: navigation, search
imported>Echarlie
imported>Pew
 
(11 intermediate revisions by 2 users not shown)
Line 5: Line 5:
 
== Administration ==
 
== Administration ==
 
=== Setup ===
 
=== Setup ===
 +
 +
Setup mostly involves running the script<ref>https://github.com/philpl/setup-strong-strongswan</ref>,
 +
however there are options which can be configured afterwards. The script will prompt for a user, password,
 +
and Key on first run, and any subsequent runs will simply update the vpn.
 +
 +
It provides a startup script in /etc/init.d, which can be launched by systemd.
  
 
=== Adding users ===
 
=== Adding users ===
 +
 +
Users can be added to /etc/ppp/chap-secrets, which ''should'' provide them with a password and username.
  
 
== Use ==
 
== Use ==
Line 12: Line 20:
  
 
==== iPhone ====
 
==== iPhone ====
 +
 +
The iPhone integrated VPN support will allow for connection to the VPN
 +
<!-- add screenshots -->
  
 
==== Android ====
 
==== Android ====
 +
 +
https://play.google.com/store/apps/details?id=org.strongswan.android
 +
 +
This app should allow for connections from android. The author of this article has not tested this.
  
 
==== Network Manager ====
 
==== Network Manager ====
Line 20: Line 35:
  
  
[[Category:Services]]
+
== References==
 +
 
 +
[[Category:VTLUUG:Projects]]
 +
[[Category:Infrastructure]]
 +
[[Category:Needs restoration]]

Latest revision as of 06:30, 4 January 2018

Currently, vtluug has a strongSwan IPsec/L2TP server running on Acidburn. This server was configured using philpl's script hosted on Github

Administration

Setup

Setup mostly involves running the script[1], however there are options which can be configured afterwards. The script will prompt for a user, password, and Key on first run, and any subsequent runs will simply update the vpn.

It provides a startup script in /etc/init.d, which can be launched by systemd.

Adding users

Users can be added to /etc/ppp/chap-secrets, which should provide them with a password and username.

Use

Connecting

iPhone

The iPhone integrated VPN support will allow for connection to the VPN

Android

https://play.google.com/store/apps/details?id=org.strongswan.android

This app should allow for connections from android. The author of this article has not tested this.

Network Manager

netctl

References