hwdsl2
5f9a6fa8ce
Improve VPN setup
...
- Update uninstall script: For CentOS/RHEL 8, try to automatically
restore nftables rules to the version before VPN setup.
- Cleanup
2021-09-09 00:14:26 -05:00
hwdsl2
263ffe97cc
Cleanup
2021-09-07 09:02:22 -05:00
hwdsl2
c91270a18c
Improve VPN setup
...
- Add uninstall script
2021-09-07 02:55:37 -05:00
hwdsl2
217bf2a237
Cleanup
...
- Improve temporary folder creation
2021-08-28 16:07:52 -05:00
hwdsl2
da7697a5b0
Cleanup
...
- Update scripts to use bash instead of sh
- Update docs
2021-08-27 23:35:31 -05:00
hwdsl2
0e8e6a020c
New Libreswan version
...
- Support updating to Libreswan 4.5
2021-08-22 11:49:35 -05:00
hwdsl2
edd124ed9c
Update IKEv2 script
...
- Set display name under server description in iOS VPN settings
to "IKEv2 VPN"
- Ref: #995 . Thanks @Mattz-P!
2021-08-22 10:55:57 -05:00
hwdsl2
52216d8f59
Improve update scripts
...
- Refactor VPN update scripts into functions
- Cleanup
2021-08-22 00:43:14 -05:00
hwdsl2
665349336d
Update IKEv2 script
...
- Cleanup
2021-08-22 00:42:21 -05:00
hwdsl2
fc33e1c451
Cleanup
2021-08-19 01:40:38 -05:00
hwdsl2
87235014ad
Add Debian 11
2021-08-15 00:46:25 -05:00
hwdsl2
8e570129b2
Cleanup
2021-08-14 00:26:27 -05:00
hwdsl2
70873348b9
Add update script
...
- Add a new wrapper script for updating Libreswan on all supported OS.
The previous vpnupgrade.sh has been moved to vpnupgrade_ubuntu.sh.
2021-08-14 00:23:14 -05:00
hwdsl2
cd40f1e2b7
Rename update script
2021-08-13 22:59:41 -05:00
hwdsl2
cfd9128e3f
Improve VPN setup
...
- Wait for apt to be available
- Check for Wget and install it if not found
- Fallback to cURL if Wget fails
- Cleanup
2021-08-13 22:15:11 -05:00
hwdsl2
779a86f933
Cleanup
2021-08-13 02:11:31 -05:00
hwdsl2
21dc90e656
Update IKEv2 script
...
- Cleanup
2021-08-11 00:03:25 -05:00
hwdsl2
c8b5bb87f0
Update interface check
...
- Update network interface check in quickstart.sh so that it is
consistent with vpnsetup.sh.
2021-08-10 23:09:48 -05:00
hwdsl2
50053e3be7
Add quick start script
2021-08-10 02:57:18 -05:00
hwdsl2
6daacff466
Cleanup
2021-08-07 16:12:26 -05:00
hwdsl2
ab50fa7264
Update IKEv2 script
...
- Minor improvements to client name input prompts. Abort and exit
if the user presses Enter without specifying a client name.
- Cleanup
2021-07-31 23:36:43 -05:00
hwdsl2
c928068a20
Update IKEv2 script
...
- Cleanup
2021-07-31 15:31:13 -05:00
hwdsl2
2c3f4e20a5
Update IKEv2 script
...
- Cleanup
2021-07-30 08:47:10 -05:00
hwdsl2
2e17ef68ce
Update OS detection
2021-07-27 00:59:15 -05:00
hwdsl2
8d26e0b6c9
Update IKEv2 script
...
- Improve checking for MOBIKE support. Linux kernels on QNAP systems
do not support MOBIKE.
Ref: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/247
- Switch to use /etc/ipsec.d/.vpnconfig to store generated password
for IKEv2 client config files, instead of vpnclient.p12.password.
Migrate to use .vpnconfig if the older config file is found.
Ref: 45ee41d
2021-07-25 20:55:40 -05:00
hwdsl2
45ee41d930
Update IKEv2 script
...
- Improve IKEv2 setup: Save generated password for IKEv2 client
configuration files to vpnclient.p12.password, so that it can
be re-used for later runs of the helper script. Previously,
a different password is generated each time the script is run.
2021-07-24 15:58:48 -05:00
hwdsl2
855a285cff
Update IKEv2 script
...
- Cleanup
2021-07-23 00:22:51 -05:00
hwdsl2
a0409b4399
Cleanup
...
- In rare cases, if a parent process traps SIGPIPE, the 'tr'
command in the VPN setup scripts could output an error
'tr: write error: Broken pipe'. This is a cosmetic error
that does NOT affect the functionality of the scripts. This
commit hides the error in such cases.
2021-07-21 23:12:06 -05:00
hwdsl2
7afbca94a5
Cleanup
2021-07-17 00:52:04 -05:00
hwdsl2
5d43404beb
Update IKEv2 script
...
- Simplify IKEv2 setup: Use an auto-generated password to protect
client configuration files. Remove the steps for user input.
- Cleanup
2021-07-13 22:09:25 -05:00
hwdsl2
a90caf428b
Update IKEv2 script
...
- Add support for Alpine Linux in a Docker container. See:
https://github.com/hwdsl2/docker-ipsec-vpn-server
2021-07-12 23:41:33 -05:00
hwdsl2
61025818bb
Optimize binary size
...
- Use the gcc "-s" option when compiling Libreswan. This reduces
binary size by ~80%.
2021-07-10 01:57:11 -05:00
hwdsl2
64eb0e1f49
Cleanup
2021-06-09 00:42:28 -05:00
hwdsl2
811ce6a9aa
Update IKEv2 script
...
- Check certificate status when exporting a client configuration
using --exportclient
2021-06-01 23:35:19 -05:00
hwdsl2
ea52ab4683
Update IKEv2 script
...
- New: Revoke a client certificate using the helper script. Users can
also manually revoke a client certificate, see https://git.io/ikev2
- Check for certificate validity when exporting client configurations
- Delete CRL from IPsec database when removing IKEv2
- Cleanup
2021-06-01 02:30:51 -05:00
hwdsl2
3014143e15
Update IKEv2 script
...
- Advanced users can specify the server's IP address using variable
VPN_PUBLIC_IP instead of auto-detect
2021-05-11 09:59:29 -05:00
hwdsl2
ee409250d8
Improve IKEv2 setup
...
- Increase RSA key size from the default 2048 bits to 3072 bits
- Use fixed delay between certutil calls, a random delay is not needed
- Update docs
2021-05-01 14:46:12 -05:00
hwdsl2
e850fca9c3
Update IKEv2 script
...
- Remove MODP1024 from IKEv2 ciphers for improved security. Windows users
will need to make a one-time registry change before connecting for the
first time. Refer to https://git.io/ikev2 .
2021-04-24 22:34:48 -05:00
hwdsl2
ac0bde54bb
New Libreswan version
...
- Use new Libreswan version 4.4
- Support updating to Libreswan 4.4
- Other small improvements and cleanup
2021-04-24 16:15:05 -05:00
hwdsl2
d90c6121b6
Improve OS detection
2021-04-20 00:09:00 -05:00
hwdsl2
10f09bbab6
Cleanup
2021-04-18 14:27:52 -05:00
hwdsl2
f35ea9ed0d
Update IKEv2 script
...
- Improve output for auto mode when custom options are specified
2021-04-11 13:53:38 -05:00
hwdsl2
5076f9ec03
Update IKEv2 script
...
- Add an option to specify the name of the first IKEv2 client when
running the script in auto mode. The default is "vpnclient".
- Cleanup
2021-04-10 16:24:49 -05:00
hwdsl2
804856064b
Minor fix and cleanup
...
- Minor fix for CentOS 8 for the uncommon scenario where the server has
"nftables" service enabled
- Cleanup
2021-04-01 23:06:36 -05:00
hwdsl2
7ac343db4d
Update IKEv2 script
...
- Improve output
2021-03-30 23:47:59 -05:00
hwdsl2
e6c2cbcd96
Update IKEv2 script
2021-03-28 23:39:04 -05:00
hwdsl2
cd3a0c1bed
Update IKEv2 script
...
- Remove support for Libreswan 3.22 and older in the IKEv2 script. Users
should update to a newer version before setting up IKEv2.
- Cleanup
2021-03-19 23:58:06 -05:00
hwdsl2
eb8daa3a40
Update helper scripts
...
- Cleanup and minor improvements to the helper scripts for managing
VPN users
2021-03-12 00:07:48 -06:00
hwdsl2
35c85526b6
Update IKEv2 script
...
- Minor improvement to client config message
2021-03-08 23:23:00 -06:00
hwdsl2
d54b2ac57a
Cleanup
2021-03-07 23:38:38 -06:00