1
0
mirror of synced 2024-11-25 22:36:04 +03:00
Commit Graph

101 Commits

Author SHA1 Message Date
hwdsl2
11f8502e3a Improve IKEv2 setup
- Use default key size (2048 bits) when generating key pairs using
  certutil. This significantly reduces IKEv2 setup time on servers
  with less powerful CPUs, such as Raspberry Pis, while still providing
  sufficient security.
- Update docs
2021-03-05 21:33:41 -06:00
hwdsl2
e7e9bf2dc0 Update docs 2021-03-01 10:12:46 -06:00
hwdsl2
ac86c8831c Update docs
- Add new section for advanced usage
- Clean up important notes section
- Update IKEv2 docs
2021-02-28 15:54:58 -06:00
hwdsl2
78a9f608e5 Update IKEv2 docs
- Update Windows IKEv2 client instructions. Ref: #940.
2021-02-21 14:57:37 -06:00
hwdsl2
12fdc8c11d Update docs 2021-02-10 10:26:18 -06:00
hwdsl2
ad1c635ca3 Update IKEv2 docs
- Android 6.0 and older devices require additional instructions
  for IKEv2. Ref: #930
2021-02-06 15:18:01 -06:00
hwdsl2
97624bf292 Update docs 2021-02-04 21:43:03 -06:00
hwdsl2
1327f9123e Update docs 2021-02-02 10:45:05 -06:00
hwdsl2
954b2acb7c Fix for IKEv2
- Fix an issue where multiple IKEv2 clients behind the same NAT cannot
  connect simultaneously to the VPN server. Note that before this fix,
  this issue only occurs when using an IP address (instead of a DNS name)
  for IKEv2 for the VPN server.
- This issue is found to be related to Libreswan's matching of local IDs
  when checking connections. A local ID with '@' prefix has type ID_FQDN,
  which does not match the ID_IPV4_ADDR type that the peer expects. This
  prevents connection switching from working correctly for the scenario
  above. Removing the prefix fixed the issue.
- Fixes #924
2021-02-01 21:42:31 -06:00
hwdsl2
c6182d76bb Update docs 2021-01-31 00:30:33 -06:00
hwdsl2
f6b8d13b05 Update docs 2021-01-30 14:31:37 -06:00
hwdsl2
cd588a07ae Update docs 2021-01-29 00:05:16 -06:00
hwdsl2
ec5dda8c1c Update IKEv2 docs
- Update Windows IKEv2 client instructions, with steps to import
  the .p12 file using certutil, and add the VPN connection using
  Windows PowerShell for improved security and performance.
2021-01-28 02:13:05 -06:00
hwdsl2
0ed9015a6b Update docs 2021-01-25 22:51:04 -06:00
hwdsl2
8c286df143 Cleanup 2021-01-24 20:01:40 -06:00
hwdsl2
7e20055671 Update docs 2021-01-24 15:55:26 -06:00
hwdsl2
2864473576 Update docs 2021-01-23 16:05:51 -06:00
hwdsl2
1c975c8410 Update docs 2021-01-21 23:11:20 -06:00
hwdsl2
0199df0369 Update IKEv2 docs 2021-01-21 01:39:15 -06:00
hwdsl2
7d9f2c6603 Fix IKEv2
- Fix an issue with IKEv2 disconnecting after one hour due to IKE SA
  expiration, by setting ikelifetime and salifetime to 24h.
  Ref: #913 #844 https://libreswan.org/man/ipsec.conf.5.html
2021-01-20 01:39:07 -06:00
hwdsl2
27dc3d25f2 Update docs 2021-01-19 01:42:29 -06:00
hwdsl2
bac2c9cf4c Update docs 2021-01-18 22:49:55 -06:00
hwdsl2
215c9030ba Update docs 2021-01-18 11:03:39 -06:00
hwdsl2
a3dae331b8 Update docs 2021-01-18 00:02:04 -06:00
hwdsl2
927e0ca7e3 Update docs
- Update IKEv2 docs for .mobileconfig support
2021-01-14 23:58:20 -06:00
hwdsl2
5f1ca68350 Update docs 2020-12-31 23:10:10 -06:00
hwdsl2
88764568d2 Update docs 2020-12-29 16:36:44 -06:00
hwdsl2
8adead17b7 Update docs 2020-12-27 00:16:49 -06:00
hwdsl2
7006fb3fa5 Update docs 2020-12-26 15:19:21 -06:00
hwdsl2
95a7f9cde5 Update IKEv2 docs 2020-12-20 01:14:40 -06:00
hwdsl2
cf96051d6f Update docs 2020-12-13 15:52:27 -06:00
hwdsl2
c424228658 Update IKEv2 docs 2020-12-01 00:42:11 -06:00
hwdsl2
afb8a7acce New Libreswan version
- Upgrade Libreswan from 3.32 to 4.1
2020-11-11 00:27:44 -06:00
hwdsl2
5d8932e411 Update IKEv2 docs 2020-07-12 14:42:04 -05:00
hwdsl2
71dc5bab01 Update IKEv2 docs
- Connecting multiple IKEv2 clients from behind the same NAT
  requires setting the "local ID" field to match the client name.
  Ref: https://github.com/libreswan/libreswan/issues/237
2020-07-06 22:42:45 -05:00
hwdsl2
93e89919ac Update IKEv2 docs 2020-07-04 01:35:10 -05:00
hwdsl2
50ac87c7b3 Update docs 2020-06-11 01:37:47 -05:00
hwdsl2
8ea8bbfa4e Update IKEv2 docs
- Add instructions for add/revoke client certificates
2020-06-06 23:09:58 -05:00
hwdsl2
f3a93e17fc Update IKEv2 docs 2020-06-05 00:44:33 -05:00
hwdsl2
99e87f5287 Update IKEv2 docs 2020-05-31 17:37:49 -05:00
hwdsl2
204904abf4 Update IKEv2 docs 2020-05-30 23:13:14 -05:00
hwdsl2
09c68fda01 Update docs
- Add troubleshooting section for Android MTU/MSS issues
- Remove "Access VPN server's subnet". This seems to work fine using
  the default configuration, without additional IPTables rules
2020-05-16 23:35:52 -05:00
hwdsl2
d44b09d577 Update docs 2020-05-11 23:23:38 -05:00
hwdsl2
ace41ebc29 Add IKEv2 script
- Add a helper script for automatic IKEv2 setup
- Update IKEv2 docs
2020-05-11 01:18:34 -05:00
hwdsl2
9e6b26b1b2 Update docs 2020-05-03 01:59:37 -05:00
hwdsl2
7076376aac Update IKEv2 docs
- For users running Libreswan 3.31, the "Use RSA/PSS signatures" option
  needs to be enabled in the strongSwan Android VPN client.
- Ref: https://lists.libreswan.org/pipermail/swan/2020/003440.html
2020-04-30 01:13:39 -05:00
hwdsl2
4b28ce5de9 Update IKEv2 docs
- Update macOS and iOS IKEv2 instructions
2019-11-10 19:32:29 -08:00
hwdsl2
0dfe0d3021 Update IKEv2 docs
- Add new IKEv2 instructions for Android 10
  Ref: https://wiki.strongswan.org/issues/3196
- Change certificate validity period to 120 months
2019-11-10 17:23:12 -08:00
hwdsl2
e61efe242e Update IKEv2 docs
- Add a known issue (#543)
2019-03-15 23:13:30 -05:00
hwdsl2
0679c66071 Update docs 2019-02-09 16:24:19 -06:00