mirror/setup-ipsec-vpn
1
0
Fork 0
mirror of synced 2024-11-22 13:06:02 +03:00
Code Issues Projects Releases Wiki Activity
1,365 Commits 1 Branch 0 Tags 20 MiB
828bb86924
Commit Graph

171 Commits

Author SHA1 Message Date
hwdsl2
1442e9f35c Update OS support 
- Remove support for Ubuntu 18.04 and Debian 9, which reached EOL
  in June 2023 and July 2022, respectively.
- Cleanup
 2024-04-14 11:31:33 -05:00
hwdsl2
25670f39e7 Update IKEv2 script 
- Update client config file generation code due to a recent change
  on Ubuntu 20.04: The libnss3 package was recently updated to
  version 3.98 on Ubuntu 20.04, which requires these changes to the
  IKEv2 script.
  Ref: https://packages.ubuntu.com/focal/libnss3
 2024-04-10 22:06:28 -05:00
hwdsl2
5bb63dac28 Update Alpine Linux versions 
- Add Alpine Linux 3.19 and remove 3.17.
 2024-02-03 15:24:29 -06:00
hwdsl2
9268ad2e05 Update IKEv2 script 
- Add a command line option "-y" (or "--yes") to assume "yes" as answer
  to prompts when revoking/deleting a client or removing IKEv2.
  Ref: #1499
 2023-12-13 13:03:17 -06:00
hwdsl2
5a9402b75b Improve VPN ciphers 
- Update VPN ciphers for compatibility with macOS 14 (Sonoma).
  Ref: #1486, libreswan/libreswan#1450
 2023-12-09 23:39:07 -06:00
hwdsl2
16f5a1d81f Update Alpine Linux versions 
- Add Alpine Linux 3.18 and remove 3.16.
 2023-08-10 23:33:06 -05:00
hwdsl2
4c5f4e8327 Update OS check 
- Update OS check to detect Amazon Linux 2023, which is not currently
  supported for use with this project.
  Ref: #1388
 2023-05-21 22:19:30 -05:00
hwdsl2
2039f91151 New libnss3 version 
- Use new version of libnss3 for Ubuntu 18.04 NSS fix.
 2023-03-01 21:26:04 -06:00
hwdsl2
3f12b9583b Update Alpine Linux versions 
- Add Alpine Linux 3.17 and remove 3.15.
 2023-02-11 23:08:37 -06:00
hwdsl2
c356a75bca Update docs 2023-01-04 18:58:29 -06:00
hwdsl2
fec1b7c7a2 Update IKEv2 script 
- Improve MOBIKE detection by checking whether the IKEv2 connection
  is successfully loaded. If not, the server's Linux kernel may not
  support MOBIKE, and we disable it in ikev2.conf.
- This will help prevent the issue where the IKEv2 connection fails
  to load on some systems due to lack of MOBIKE support. Note that
  the script already has checks for MOBIKE support that cover common
  cases.
- Related issues:
  https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/330
  https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/298
  https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/247
 2022-12-01 21:45:57 -06:00
hwdsl2
edd05df89c Update IKEv2 script 
- Improve the optional VPN On Demand feature on macOS and iOS.
  Connect only on WiFi networks (instead of any network), with
  captive portal detection. This is the most common use case.
 2022-10-30 15:45:11 -05:00
hwdsl2
4174ffa3ef Improve VPN setup 
- Improve download of VPN helper scripts during setup.
  Note: https://github.com/hwdsl2/setup-ipsec-vpn/raw/master/extras/...
  redirects to
  https://raw.githubusercontent.com/hwdsl2/setup-ipsec-vpn/master/extras/...
  Use the latter directly so that Wget can reuse the same connection
  for all 3 helper scripts.
- For Ubuntu 18.04, improve download of NSS packages and add fallback URLs.
 2022-10-22 23:55:06 -05:00
hwdsl2
780f815540 Improve VPN setup 
- For Ubuntu 18.04, download NSS packages from GitHub for improved
  reliability.
- Check and skip installing NSS packages if already installed.
 2022-10-21 23:37:47 -05:00
hwdsl2
fef608a91a Update IKEv2 script 
- Cleanup
 2022-10-19 00:31:52 -05:00
hwdsl2
3dc675ba37 Add client validity option 
- For IKEv2 mode, add a new variable VPN_CLIENT_VALIDITY for specifying
  the client certificate validity period (in months). Must be an integer
  between 1 and 120. Default value is 120. Users can define it as an
  environment variable when setting up IKEv2 in auto mode, or when
  adding a new IKEv2 client using "--addclient".
 2022-10-16 00:45:45 -05:00
hwdsl2
cc99e18123 Cleanup 2022-09-24 18:56:27 -05:00
hwdsl2
32faed40d5 Improve IP check 
- Instead of finding the server's public IP, use the IP address
  on the default route if it is not a private IP. This makes VPN
  setup slightly faster by skipping IP detection.
- Add a fallback URL for finding the server's public IP.
- Cleanup
 2022-09-24 00:58:16 -05:00
hwdsl2
8912e6ec8e Update IKEv2 script 
- Cleanup
 2022-09-11 00:17:26 -05:00
hwdsl2
098a6b4e5d Update IKEv2 script 
- When revoking or deleting an existing client, remove previously
  generated client config files for the client.
- Cleanup
 2022-09-09 23:03:07 -05:00
hwdsl2
6a872207f4 Update IKEv2 script 
- Add a note about changing IKEv2 server address.
 2022-08-11 00:02:42 -05:00
hwdsl2
4995ec03f5 Improve OS support 
- Make the VPN setup scripts work on Kali Linux (based on Debian).
- Update IKEv2 helper script to check for OpenSSL 3 first when
  exporting the .p12 file.
 2022-08-10 23:25:58 -05:00
hwdsl2
e2f211c678 Improve OS detection 
- Improve OS detection and clean up
 2022-08-10 22:41:55 -05:00
hwdsl2
1dbf897500 Cleanup 
- Fix OS checking: Don't show errors for /etc/redhat-release.
- Fixes #1211.
 2022-08-09 19:34:32 -05:00
hwdsl2
10d54262fb Add CentOS 9 
- Add support for version 9 of CentOS Stream, RHEL, Rocky Linux
  and AlmaLinux.
 2022-07-30 02:59:49 -05:00
hwdsl2
6b6ad1cbd8 Update IKEv2 script 
- Add a check for OpenSSL 3 when creating client configuration.
 2022-07-26 23:55:14 -05:00
hwdsl2
5efff22b1a Update IKEv2 script 
- Update NSS workaround for Ubuntu 18.04 with new package versions
 2022-07-09 22:29:35 -05:00
hwdsl2
39bdb36484 Update IKEv2 script 
- Add Alpine Linux 3.16 and remove 3.14.
 2022-06-19 22:17:13 -05:00
hwdsl2
001b363a07 Update IKEv2 script 
- Disable MOBIKE when running on Synology NAS. MOBIKE is not supported
  on these systems and prevents IKEv2 from working if enabled.
  Ref: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/298
 2022-06-18 01:27:17 -05:00
hwdsl2
8cf4cc3825 Update IKEv2 script 
- Update workaround for newer NSS and openssl versions to include
  Debian testing in addition to Ubuntu 22.04.
  Ref: #1184
 2022-06-18 01:20:49 -05:00
hwdsl2
d36c435c95 Improve IPsec config 
- IKEv2 mode uses retransmit-timeout instead of dpdtimeout.
- Increase timeouts from 120s to 300s, so that the VPN server can
  keep the VPN connection open if the client's network is unstable.
 2022-06-15 00:28:21 -05:00
hwdsl2
0e24f8b086 Cleanup 2022-06-09 13:44:16 -05:00
hwdsl2
41d37e808e Cleanup 2022-06-07 00:37:31 -05:00
hwdsl2
7b9813d562 Cleanup 2022-05-27 01:12:37 -05:00
hwdsl2
ffb22c4858 Cleanup 2022-05-23 22:08:30 -05:00
hwdsl2
dce25ada28 Update IKEv2 script 
- Add a note about OpenVPN and WireGuard which can be optionally
  installed alongside IPsec VPN.
 2022-05-23 08:22:53 -05:00
hwdsl2
1aa2d87e01 Update IKEv2 script 
- Update NSS workaround for Ubuntu 18.04 with new package versions
 2022-05-13 09:27:22 -05:00
hwdsl2
81d26c08fa Update IKEv2 script 
- Add a check for IKEv2-only mode before removing IKEv2.
 2022-05-08 02:59:28 -05:00
hwdsl2
c66ca577f3 Update links 
- Update links due to git.io deprecation.
  Ref: https://github.blog/changelog/2022-04-25-git-io-deprecation/
 2022-04-29 22:32:22 -05:00
hwdsl2
cc709766e9 Update links 
- Update links due to git.io deprecation.
  Ref: https://github.blog/changelog/2022-04-25-git-io-deprecation/
 2022-04-28 08:24:22 -05:00
hwdsl2
b2626dc921 Cleanup 2022-04-27 00:05:45 -05:00
hwdsl2
78517c43c9 Update IKEv2 script 
- New: Delete an IKEv2 client certificate using the IKEv2 helper script.
- Cleanup
 2022-04-06 22:49:20 -05:00
hwdsl2
37b2ba3559 Update IKEv2 script 
- Show total when listing IKEv2 clients
- Cleanup
 2022-04-05 23:38:43 -05:00
hwdsl2
629b39d3b3 Add Oracle Linux 
- Add support for Oracle Linux 8 and 7.
 2022-03-20 23:10:11 -05:00
hwdsl2
9e58aace48 Cleanup 2022-03-20 10:06:25 -05:00
hwdsl2
3a5d46653d Update IKEv2 script 
- Add a workaround for Ubuntu 22.04 "password is incorrect" issue
  when importing IKEv2 client config files into iOS and macOS devices.
- Ubuntu 22.04 uses OpenSSL 3, which has a default "openssl pkcs12"
  encoding algorithm that is incompatible with iOS and macOS devices.
  Ref: https://developer.apple.com/forums/thread/697030?answerId=701291022#701291022
 2022-03-20 02:49:09 -05:00
hwdsl2
d794fe0772 Cleanup 2022-03-20 00:14:25 -05:00
hwdsl2
742e43ffcd Cleanup 2022-03-18 21:52:20 -05:00
hwdsl2
e5703d8aaa Cleanup 2022-03-07 21:29:13 -06:00
hwdsl2
6850aa7f3b Update IKEv2 script 
- Change the warning for parameter "--auto" to an error, in cases
  that IKEv2 is already set up on the server.
 2022-03-02 21:46:15 -06:00