hwdsl2
32faed40d5
Improve IP check
...
- Instead of finding the server's public IP, use the IP address
on the default route if it is not a private IP. This makes VPN
setup slightly faster by skipping IP detection.
- Add a fallback URL for finding the server's public IP.
- Cleanup
2022-09-24 00:58:16 -05:00
hwdsl2
6ba4618351
Update docs
2022-09-23 00:34:42 -05:00
hwdsl2
7827f75785
Update docs
2022-09-17 00:02:11 -05:00
hwdsl2
f248738154
Update docs
2022-09-16 01:48:56 -05:00
hwdsl2
310161044c
Update docs
2022-09-15 19:41:36 -05:00
hwdsl2
9e3135745b
Update tests
2022-09-11 10:04:46 -05:00
hwdsl2
608fca101c
Update docs
2022-09-11 00:54:45 -05:00
hwdsl2
8912e6ec8e
Update IKEv2 script
...
- Cleanup
2022-09-11 00:17:26 -05:00
hwdsl2
1edac55430
Update tests
2022-09-10 09:53:40 -05:00
hwdsl2
4202a88804
Update docs
2022-09-09 23:53:53 -05:00
hwdsl2
c5df950ea2
Improve VPN setup
...
- Continue VPN setup (instead of exiting) if fail2ban fails to install.
2022-09-09 23:53:13 -05:00
hwdsl2
098a6b4e5d
Update IKEv2 script
...
- When revoking or deleting an existing client, remove previously
generated client config files for the client.
- Cleanup
2022-09-09 23:03:07 -05:00
hwdsl2
949790a5d9
Update docs
2022-09-08 09:06:16 -05:00
hwdsl2
db54638f5e
Check kernel version
...
- Only enable TCP BBR congestion control if the server's Linux kernel
version is 4.20 or newer.
- BBR requires the "fq" qdisc for older kernels < 4.20. That setting
may not take effect on existing network interfaces without a reboot.
- References:
https://github.com/google/bbr/blob/master/Documentation/bbr-quick-start.md
0bb9d90
2022-09-08 00:29:18 -05:00
hwdsl2
6a525c6c10
Optimize TCP buffers
...
- Improve VPN performance by tuning TCP buffer sizes.
2022-09-07 23:29:10 -05:00
hwdsl2
0bb9d90668
Enable TCP BBR
...
- Improve VPN performance by enabling the TCP BBR congestion control
algorithm on supported systems (e.g. Ubuntu 18.04+, Debian 10+,
CentOS 8+) during VPN setup.
References:
https://cloud.google.com/blog/products/networking/tcp-bbr-congestion-control-comes-to-gcp-your-internet-just-got-faster
https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/docs/bbr.md
2022-09-07 02:32:12 -05:00
hwdsl2
b4770c4507
Update docs
2022-08-29 20:57:20 -05:00
hwdsl2
05d1e62f14
Update docs
2022-08-28 22:55:20 -05:00
hwdsl2
2d4cf2cb8f
Update docs
...
- Update instructions for customizing IKEv2 options during VPN setup.
- Ref: 56078b0
2022-08-28 00:09:30 -05:00
hwdsl2
d2e9b5ff91
Cleanup
2022-08-27 21:51:19 -05:00
hwdsl2
56078b0a1e
Add an option to skip IKEv2 setup
...
- Add an option to skip IKEv2 setup when installing the IPsec VPN.
Example: sudo VPN_SKIP_IKEV2=yes sh vpn.sh
- This allows users to set up an IKEv1-only VPN, or install IKEv2
interactively using "sudo ikev2.sh" after VPN setup.
2022-08-27 15:59:43 -05:00
hwdsl2
5525c407c5
Update docs
...
- Update split tunneling instructions in advanced usage.
- Ref: #1218
2022-08-27 00:09:14 -05:00
hwdsl2
5d469239a0
Update docs
2022-08-16 09:01:15 -05:00
hwdsl2
71f9d97870
Update docs
...
- Add instructions for connecting using the native IKEv2 client
on Android 12 and above.
2022-08-16 00:51:58 -05:00
hwdsl2
a1e761a067
Update docs
2022-08-11 09:14:17 -05:00
hwdsl2
6a872207f4
Update IKEv2 script
...
- Add a note about changing IKEv2 server address.
2022-08-11 00:02:42 -05:00
hwdsl2
4995ec03f5
Improve OS support
...
- Make the VPN setup scripts work on Kali Linux (based on Debian).
- Update IKEv2 helper script to check for OpenSSL 3 first when
exporting the .p12 file.
2022-08-10 23:25:58 -05:00
hwdsl2
e2f211c678
Improve OS detection
...
- Improve OS detection and clean up
2022-08-10 22:41:55 -05:00
hwdsl2
8973b8d6c0
Update tests
2022-08-09 19:35:32 -05:00
hwdsl2
1dbf897500
Cleanup
...
- Fix OS checking: Don't show errors for /etc/redhat-release.
- Fixes #1211 .
2022-08-09 19:34:32 -05:00
hwdsl2
d22b32d4c6
Update docs
...
- Ref: #1209
2022-08-05 12:02:29 -05:00
Uros Radovanovic
44b39cb2ed
Update README.md with note about external firewalls ( #1209 )
2022-08-05 11:51:52 -05:00
hwdsl2
95be4b83fb
Fix NSS config
...
- Update NSS config on e.g. AlmaLinux 9 to allow the SHA1 signature
algorithm. This fixes the issue where IKEv2 clients cannot connect.
- Fixes #1206 .
2022-07-31 23:40:09 -05:00
hwdsl2
0fe30b0479
Update tests
2022-07-31 00:05:10 -05:00
hwdsl2
9088681e89
Update tests
2022-07-30 23:17:53 -05:00
hwdsl2
3c7273eb62
Update docs
2022-07-30 09:32:03 -05:00
hwdsl2
200da23776
Add Oracle Linux 9
2022-07-30 09:31:27 -05:00
hwdsl2
6ca52bf0e0
Update docs
2022-07-30 03:00:14 -05:00
hwdsl2
10d54262fb
Add CentOS 9
...
- Add support for version 9 of CentOS Stream, RHEL, Rocky Linux
and AlmaLinux.
2022-07-30 02:59:49 -05:00
hwdsl2
066cb14e14
Cleanup
2022-07-30 00:50:40 -05:00
hwdsl2
a0d0c42651
Update docs
2022-07-28 23:55:47 -05:00
hwdsl2
6b6ad1cbd8
Update IKEv2 script
...
- Add a check for OpenSSL 3 when creating client configuration.
2022-07-26 23:55:14 -05:00
hwdsl2
baccd5adbf
Update docs
2022-07-18 08:46:21 -05:00
hwdsl2
e9b38c8a65
Update docs
2022-07-13 22:58:37 -05:00
hwdsl2
2077b5a420
Update tests
2022-07-09 22:31:47 -05:00
hwdsl2
5efff22b1a
Update IKEv2 script
...
- Update NSS workaround for Ubuntu 18.04 with new package versions
2022-07-09 22:29:35 -05:00
hwdsl2
1f62f28f29
Update docs
2022-07-08 18:22:49 -05:00
hwdsl2
f66e809f30
Update docs
2022-07-08 18:21:51 -05:00
hwdsl2
8ca05e13d9
Update Azure template
...
- Remove Debian 9, which is EOL after June 30, 2022.
2022-07-07 17:39:28 -05:00
hwdsl2
c1630afb7e
Remove Debian 9
...
- Remove Debian 9, which is EOL after June 30, 2022.
- Cleanup
2022-07-07 00:59:14 -05:00