1
0
mirror of synced 2024-11-22 21:16:02 +03:00
Commit Graph

35 Commits

Author SHA1 Message Date
hwdsl2
2bd37ccf66 Cleanup
- Save a redirect and make VPN setup slightly faster by using
  raw.githubusercontent.com directly instead of
  https://github.com/hwdsl2/setup-ipsec-vpn/raw/...
2022-10-23 14:05:57 -05:00
hwdsl2
4174ffa3ef Improve VPN setup
- Improve download of VPN helper scripts during setup.
  Note: https://github.com/hwdsl2/setup-ipsec-vpn/raw/master/extras/...
  redirects to
  https://raw.githubusercontent.com/hwdsl2/setup-ipsec-vpn/master/extras/...
  Use the latter directly so that Wget can reuse the same connection
  for all 3 helper scripts.
- For Ubuntu 18.04, improve download of NSS packages and add fallback URLs.
2022-10-22 23:55:06 -05:00
hwdsl2
780f815540 Improve VPN setup
- For Ubuntu 18.04, download NSS packages from GitHub for improved
  reliability.
- Check and skip installing NSS packages if already installed.
2022-10-21 23:37:47 -05:00
hwdsl2
d1da04b1d4 New Libreswan version
- Support upgrading to Libreswan 4.9.
- Compilation of Libreswan 4.9 on Ubuntu 18.04 requires newer
  versions of NSS packages. They are installed in a similar way
  as apply_ubuntu1804_nss_fix in ikev2setup.sh.
  Ref: https://github.com/libreswan/libreswan/issues/892
2022-10-21 00:11:15 -05:00
hwdsl2
bd291e91a1 Cleanup 2022-10-07 00:19:00 -05:00
hwdsl2
6e596825e2 Improve VPN ciphers
- Improve security by removing support for modp1536 (DH group 5),
  which is less secure and rarely used by VPN clients. To do this,
  we specify modp2048 on the "ike=" line in ipsec.conf.
2022-09-30 01:11:18 -05:00
hwdsl2
025387df91 Improve VPN ciphers
- Improve security by removing support for modp1024 (DH group 2),
  which is less secure and no longer enabled in Libreswan by default.
- The native VPN client on Android devices uses modp1024 for the
  IPsec/L2TP and IPsec/XAuth ("Cisco IPsec") modes. After this change,
  Android users should instead connect using IKEv2 mode (recommended).
2022-09-29 22:52:40 -05:00
hwdsl2
cc99e18123 Cleanup 2022-09-24 18:56:27 -05:00
hwdsl2
32faed40d5 Improve IP check
- Instead of finding the server's public IP, use the IP address
  on the default route if it is not a private IP. This makes VPN
  setup slightly faster by skipping IP detection.
- Add a fallback URL for finding the server's public IP.
- Cleanup
2022-09-24 00:58:16 -05:00
hwdsl2
4995ec03f5 Improve OS support
- Make the VPN setup scripts work on Kali Linux (based on Debian).
- Update IKEv2 helper script to check for OpenSSL 3 first when
  exporting the .p12 file.
2022-08-10 23:25:58 -05:00
hwdsl2
34d9ad06d5 New Libreswan version
- Support upgrading to Libreswan 4.7.
2022-05-25 23:59:21 -05:00
hwdsl2
b2626dc921 Cleanup 2022-04-27 00:05:45 -05:00
hwdsl2
e5703d8aaa Cleanup 2022-03-07 21:29:13 -06:00
hwdsl2
42c8d288e2 Cleanup
- Improve backup of VPN config files
2022-02-18 21:42:37 -06:00
hwdsl2
5c85b5693c Cleanup
- Change the default action to 'continue' in VPN scripts
2022-02-12 12:24:26 -06:00
hwdsl2
6dbc47e0db Improve upgrade scripts
- Stop IPsec service before updating Libreswan
2022-02-08 23:46:11 -06:00
hwdsl2
86d4f2f93c Improve VPN setup
- Retry certain 'apt-get' and 'yum' commands on failure
2022-02-08 23:24:46 -06:00
hwdsl2
35c23f1144 Improve upgrade scripts
- Make specifying Libreswan version optional. Retrieve and install
  the latest supported version by default.
- Other minor improvements
2022-01-29 12:34:10 -06:00
hwdsl2
e16151f183 Improve upgrade scripts
- Cleanup
2022-01-29 01:47:45 -06:00
hwdsl2
c56ebe9cfe Improve upgrade scripts
- Make specifying Libreswan version optional in vpnupgrade.sh.
  Install the latest supported version by default.
- Remove Libreswan version check
2022-01-22 22:30:39 -06:00
hwdsl2
5b1377dcf3 Cleanup 2022-01-22 21:34:53 -06:00
hwdsl2
6393470f46 Cleanup 2022-01-15 23:41:00 -06:00
hwdsl2
62723fe0c6 Update IKEv2 script
- When upgrading Libreswan using vpnupgrade.sh, also update the
  IKEv2 helper script to the latest version.
2022-01-13 23:47:27 -06:00
hwdsl2
18b830c998 New Libreswan version
- Support updating to Libreswan 4.6
2022-01-11 22:47:18 -06:00
hwdsl2
c25baaf9a9 Cleanup 2022-01-04 23:01:14 -06:00
hwdsl2
c78b398057 Update year 2022-01-02 00:09:03 -06:00
hwdsl2
b129339927 Cleanup 2021-09-22 00:04:58 -05:00
hwdsl2
e2a9c4a0c3 Cleanup 2021-09-11 10:07:33 -05:00
hwdsl2
263ffe97cc Cleanup 2021-09-07 09:02:22 -05:00
hwdsl2
da7697a5b0 Cleanup
- Update scripts to use bash instead of sh
- Update docs
2021-08-27 23:35:31 -05:00
hwdsl2
0e8e6a020c New Libreswan version
- Support updating to Libreswan 4.5
2021-08-22 11:49:35 -05:00
hwdsl2
52216d8f59 Improve update scripts
- Refactor VPN update scripts into functions
- Cleanup
2021-08-22 00:43:14 -05:00
hwdsl2
87235014ad Add Debian 11 2021-08-15 00:46:25 -05:00
hwdsl2
8e570129b2 Cleanup 2021-08-14 00:26:27 -05:00
hwdsl2
cd40f1e2b7 Rename update script 2021-08-13 22:59:41 -05:00