1
0
mirror of synced 2024-11-24 13:56:08 +03:00
Commit Graph

1364 Commits

Author SHA1 Message Date
hwdsl2
32faed40d5 Improve IP check
- Instead of finding the server's public IP, use the IP address
  on the default route if it is not a private IP. This makes VPN
  setup slightly faster by skipping IP detection.
- Add a fallback URL for finding the server's public IP.
- Cleanup
2022-09-24 00:58:16 -05:00
hwdsl2
6ba4618351 Update docs 2022-09-23 00:34:42 -05:00
hwdsl2
7827f75785 Update docs 2022-09-17 00:02:11 -05:00
hwdsl2
f248738154 Update docs 2022-09-16 01:48:56 -05:00
hwdsl2
310161044c Update docs 2022-09-15 19:41:36 -05:00
hwdsl2
9e3135745b Update tests 2022-09-11 10:04:46 -05:00
hwdsl2
608fca101c Update docs 2022-09-11 00:54:45 -05:00
hwdsl2
8912e6ec8e Update IKEv2 script
- Cleanup
2022-09-11 00:17:26 -05:00
hwdsl2
1edac55430 Update tests 2022-09-10 09:53:40 -05:00
hwdsl2
4202a88804 Update docs 2022-09-09 23:53:53 -05:00
hwdsl2
c5df950ea2 Improve VPN setup
- Continue VPN setup (instead of exiting) if fail2ban fails to install.
2022-09-09 23:53:13 -05:00
hwdsl2
098a6b4e5d Update IKEv2 script
- When revoking or deleting an existing client, remove previously
  generated client config files for the client.
- Cleanup
2022-09-09 23:03:07 -05:00
hwdsl2
949790a5d9 Update docs 2022-09-08 09:06:16 -05:00
hwdsl2
db54638f5e Check kernel version
- Only enable TCP BBR congestion control if the server's Linux kernel
  version is 4.20 or newer.
- BBR requires the "fq" qdisc for older kernels < 4.20. That setting
  may not take effect on existing network interfaces without a reboot.
- References:
  https://github.com/google/bbr/blob/master/Documentation/bbr-quick-start.md
  0bb9d90
2022-09-08 00:29:18 -05:00
hwdsl2
6a525c6c10 Optimize TCP buffers
- Improve VPN performance by tuning TCP buffer sizes.
2022-09-07 23:29:10 -05:00
hwdsl2
0bb9d90668 Enable TCP BBR
- Improve VPN performance by enabling the TCP BBR congestion control
  algorithm on supported systems (e.g. Ubuntu 18.04+, Debian 10+,
  CentOS 8+) during VPN setup.
  References:
  https://cloud.google.com/blog/products/networking/tcp-bbr-congestion-control-comes-to-gcp-your-internet-just-got-faster
  https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/docs/bbr.md
2022-09-07 02:32:12 -05:00
hwdsl2
b4770c4507 Update docs 2022-08-29 20:57:20 -05:00
hwdsl2
05d1e62f14 Update docs 2022-08-28 22:55:20 -05:00
hwdsl2
2d4cf2cb8f Update docs
- Update instructions for customizing IKEv2 options during VPN setup.
- Ref: 56078b0
2022-08-28 00:09:30 -05:00
hwdsl2
d2e9b5ff91 Cleanup 2022-08-27 21:51:19 -05:00
hwdsl2
56078b0a1e Add an option to skip IKEv2 setup
- Add an option to skip IKEv2 setup when installing the IPsec VPN.
  Example: sudo VPN_SKIP_IKEV2=yes sh vpn.sh
- This allows users to set up an IKEv1-only VPN, or install IKEv2
  interactively using "sudo ikev2.sh" after VPN setup.
2022-08-27 15:59:43 -05:00
hwdsl2
5525c407c5 Update docs
- Update split tunneling instructions in advanced usage.
- Ref: #1218
2022-08-27 00:09:14 -05:00
hwdsl2
5d469239a0 Update docs 2022-08-16 09:01:15 -05:00
hwdsl2
71f9d97870 Update docs
- Add instructions for connecting using the native IKEv2 client
  on Android 12 and above.
2022-08-16 00:51:58 -05:00
hwdsl2
a1e761a067 Update docs 2022-08-11 09:14:17 -05:00
hwdsl2
6a872207f4 Update IKEv2 script
- Add a note about changing IKEv2 server address.
2022-08-11 00:02:42 -05:00
hwdsl2
4995ec03f5 Improve OS support
- Make the VPN setup scripts work on Kali Linux (based on Debian).
- Update IKEv2 helper script to check for OpenSSL 3 first when
  exporting the .p12 file.
2022-08-10 23:25:58 -05:00
hwdsl2
e2f211c678 Improve OS detection
- Improve OS detection and clean up
2022-08-10 22:41:55 -05:00
hwdsl2
8973b8d6c0 Update tests 2022-08-09 19:35:32 -05:00
hwdsl2
1dbf897500 Cleanup
- Fix OS checking: Don't show errors for /etc/redhat-release.
- Fixes #1211.
2022-08-09 19:34:32 -05:00
hwdsl2
d22b32d4c6 Update docs
- Ref: #1209
2022-08-05 12:02:29 -05:00
Uros Radovanovic
44b39cb2ed
Update README.md with note about external firewalls (#1209) 2022-08-05 11:51:52 -05:00
hwdsl2
95be4b83fb Fix NSS config
- Update NSS config on e.g. AlmaLinux 9 to allow the SHA1 signature
  algorithm. This fixes the issue where IKEv2 clients cannot connect.
- Fixes #1206.
2022-07-31 23:40:09 -05:00
hwdsl2
0fe30b0479 Update tests 2022-07-31 00:05:10 -05:00
hwdsl2
9088681e89 Update tests 2022-07-30 23:17:53 -05:00
hwdsl2
3c7273eb62 Update docs 2022-07-30 09:32:03 -05:00
hwdsl2
200da23776 Add Oracle Linux 9 2022-07-30 09:31:27 -05:00
hwdsl2
6ca52bf0e0 Update docs 2022-07-30 03:00:14 -05:00
hwdsl2
10d54262fb Add CentOS 9
- Add support for version 9 of CentOS Stream, RHEL, Rocky Linux
  and AlmaLinux.
2022-07-30 02:59:49 -05:00
hwdsl2
066cb14e14 Cleanup 2022-07-30 00:50:40 -05:00
hwdsl2
a0d0c42651 Update docs 2022-07-28 23:55:47 -05:00
hwdsl2
6b6ad1cbd8 Update IKEv2 script
- Add a check for OpenSSL 3 when creating client configuration.
2022-07-26 23:55:14 -05:00
hwdsl2
baccd5adbf Update docs 2022-07-18 08:46:21 -05:00
hwdsl2
e9b38c8a65 Update docs 2022-07-13 22:58:37 -05:00
hwdsl2
2077b5a420 Update tests 2022-07-09 22:31:47 -05:00
hwdsl2
5efff22b1a Update IKEv2 script
- Update NSS workaround for Ubuntu 18.04 with new package versions
2022-07-09 22:29:35 -05:00
hwdsl2
1f62f28f29 Update docs 2022-07-08 18:22:49 -05:00
hwdsl2
f66e809f30 Update docs 2022-07-08 18:21:51 -05:00
hwdsl2
8ca05e13d9 Update Azure template
- Remove Debian 9, which is EOL after June 30, 2022.
2022-07-07 17:39:28 -05:00
hwdsl2
c1630afb7e Remove Debian 9
- Remove Debian 9, which is EOL after June 30, 2022.
- Cleanup
2022-07-07 00:59:14 -05:00