hwdsl2
88ab115874
Update docs
2021-07-27 09:53:25 -05:00
hwdsl2
2e17ef68ce
Update OS detection
2021-07-27 00:59:15 -05:00
hwdsl2
f18c3c0207
Update docs
2021-07-25 20:55:54 -05:00
hwdsl2
8d26e0b6c9
Update IKEv2 script
...
- Improve checking for MOBIKE support. Linux kernels on QNAP systems
do not support MOBIKE.
Ref: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/247
- Switch to use /etc/ipsec.d/.vpnconfig to store generated password
for IKEv2 client config files, instead of vpnclient.p12.password.
Migrate to use .vpnconfig if the older config file is found.
Ref: 45ee41d
2021-07-25 20:55:40 -05:00
hwdsl2
0951ca4925
Update tests
2021-07-24 16:29:10 -05:00
hwdsl2
02bdbeb9a2
Update docs
2021-07-24 16:26:20 -05:00
hwdsl2
45ee41d930
Update IKEv2 script
...
- Improve IKEv2 setup: Save generated password for IKEv2 client
configuration files to vpnclient.p12.password, so that it can
be re-used for later runs of the helper script. Previously,
a different password is generated each time the script is run.
2021-07-24 15:58:48 -05:00
hwdsl2
8db2a9ebd8
Update docs
2021-07-23 01:25:25 -05:00
hwdsl2
855a285cff
Update IKEv2 script
...
- Cleanup
2021-07-23 00:22:51 -05:00
hwdsl2
a0409b4399
Cleanup
...
- In rare cases, if a parent process traps SIGPIPE, the 'tr'
command in the VPN setup scripts could output an error
'tr: write error: Broken pipe'. This is a cosmetic error
that does NOT affect the functionality of the scripts. This
commit hides the error in such cases.
2021-07-21 23:12:06 -05:00
hwdsl2
b59eb58ac9
Update docs
2021-07-21 01:56:11 -05:00
hwdsl2
7afbca94a5
Cleanup
2021-07-17 00:52:04 -05:00
hwdsl2
90b4f797a9
Update tests
2021-07-13 22:30:12 -05:00
hwdsl2
5d43404beb
Update IKEv2 script
...
- Simplify IKEv2 setup: Use an auto-generated password to protect
client configuration files. Remove the steps for user input.
- Cleanup
2021-07-13 22:09:25 -05:00
hwdsl2
a90caf428b
Update IKEv2 script
...
- Add support for Alpine Linux in a Docker container. See:
https://github.com/hwdsl2/docker-ipsec-vpn-server
2021-07-12 23:41:33 -05:00
hwdsl2
61025818bb
Optimize binary size
...
- Use the gcc "-s" option when compiling Libreswan. This reduces
binary size by ~80%.
2021-07-10 01:57:11 -05:00
hwdsl2
4422bea6a4
Update tests
2021-06-20 15:22:32 -05:00
hwdsl2
02b6d05c82
Update IPTables rules
...
- Allow traffic from IKEv2 and IPsec/XAuth ("Cisco IPsec") clients to
IPsec/L2TP clients. Ref: #983
- Cleanup
- Update docs
2021-06-20 15:02:33 -05:00
hwdsl2
282a8e5e5a
Update tests
2021-06-12 22:34:34 -05:00
hwdsl2
64eb0e1f49
Cleanup
2021-06-09 00:42:28 -05:00
hwdsl2
99dd5702e7
Update docs
2021-06-06 15:27:56 -05:00
hwdsl2
9072c0889c
Update docs
2021-06-06 12:04:19 -05:00
hwdsl2
7376fc02d2
Update docs
2021-06-04 17:27:21 -05:00
hwdsl2
e05cdb4b83
Update docs
2021-06-04 14:48:19 -05:00
hwdsl2
247298bb05
Update tests
2021-06-03 22:09:56 -05:00
hwdsl2
811ce6a9aa
Update IKEv2 script
...
- Check certificate status when exporting a client configuration
using --exportclient
2021-06-01 23:35:19 -05:00
hwdsl2
5adaa29947
Update tests
2021-06-01 02:43:44 -05:00
hwdsl2
d6088751b9
Update docs
2021-06-01 02:31:14 -05:00
hwdsl2
ea52ab4683
Update IKEv2 script
...
- New: Revoke a client certificate using the helper script. Users can
also manually revoke a client certificate, see https://git.io/ikev2
- Check for certificate validity when exporting client configurations
- Delete CRL from IPsec database when removing IKEv2
- Cleanup
2021-06-01 02:30:51 -05:00
hwdsl2
55b468bb1f
Update docs
2021-05-24 01:20:32 -05:00
hwdsl2
de2d49d3a6
Improve IKEv2 setup
...
- Add a link to /usr/bin for the IKEv2 helper script
2021-05-24 01:14:32 -05:00
hwdsl2
cda1f00e06
Update docs
2021-05-22 23:25:54 -05:00
hwdsl2
3014143e15
Update IKEv2 script
...
- Advanced users can specify the server's IP address using variable
VPN_PUBLIC_IP instead of auto-detect
2021-05-11 09:59:29 -05:00
hwdsl2
293e5d999a
Improve IP detection
2021-05-11 09:59:18 -05:00
hwdsl2
8176f81e4f
Update docs
2021-05-03 00:06:33 -05:00
hwdsl2
ab69631e54
Update docs
2021-05-02 15:55:32 -05:00
hwdsl2
933114087b
Update docs
2021-05-02 00:48:29 -05:00
hwdsl2
ee409250d8
Improve IKEv2 setup
...
- Increase RSA key size from the default 2048 bits to 3072 bits
- Use fixed delay between certutil calls, a random delay is not needed
- Update docs
2021-05-01 14:46:12 -05:00
hwdsl2
21a72d6232
Update docs
2021-04-30 09:42:36 -05:00
hwdsl2
9bd716dda8
Update docs
2021-04-26 22:59:30 -05:00
hwdsl2
c55bdd7d13
Update permissions
...
- Set executable bit for ikev2.sh
2021-04-26 22:55:32 -05:00
hwdsl2
c9e3bff6e2
Update tests
2021-04-26 00:08:16 -05:00
hwdsl2
7fa6df6105
Update docs
...
- Remove Ubuntu 16.04, whose standard support will end on April 30,
2021
- Add a note on CentOS Linux 8
2021-04-26 00:06:17 -05:00
hwdsl2
92d3835311
Remove Ubuntu 16.04
...
- Remove Ubuntu 16.04 from templates, whose standard support will end on
April 30, 2021.
2021-04-26 00:01:14 -05:00
hwdsl2
5d5bcf6857
Update IKEv2 docs
2021-04-24 22:56:51 -05:00
hwdsl2
e850fca9c3
Update IKEv2 script
...
- Remove MODP1024 from IKEv2 ciphers for improved security. Windows users
will need to make a one-time registry change before connecting for the
first time. Refer to https://git.io/ikev2 .
2021-04-24 22:34:48 -05:00
hwdsl2
f72bdf1237
Update tests
2021-04-24 16:16:44 -05:00
hwdsl2
740f6d92d0
Update docs
2021-04-24 16:16:29 -05:00
hwdsl2
ac0bde54bb
New Libreswan version
...
- Use new Libreswan version 4.4
- Support updating to Libreswan 4.4
- Other small improvements and cleanup
2021-04-24 16:15:05 -05:00
hwdsl2
d90c6121b6
Improve OS detection
2021-04-20 00:09:00 -05:00