hwdsl2
c8463092c7
Update docs
...
- Fix PowerShell line continuation
Ref: #1321
2023-02-10 21:50:26 -06:00
Felix Storm
7079c6bcd2
Fix line endings in clients.md ( #1321 )
2023-02-10 21:47:41 -06:00
hwdsl2
dc32e28f47
Cleanup
2023-01-13 00:36:49 -06:00
hwdsl2
6337e56c2e
Update docs
2023-01-13 00:15:09 -06:00
hwdsl2
3bb649e3ec
Update docs
2023-01-06 21:29:48 -06:00
hwdsl2
45a26534e9
Update tests
2023-01-04 21:25:16 -06:00
hwdsl2
c356a75bca
Update docs
2023-01-04 18:58:29 -06:00
hwdsl2
2623d1bc07
Update tests
2023-01-04 02:16:17 -06:00
hwdsl2
3d05e96115
Update docs
2023-01-04 01:38:44 -06:00
hwdsl2
46b55ee737
Update docs
2022-12-23 20:51:54 -06:00
hwdsl2
8f76ffbdb6
Update docs
2022-12-19 00:50:49 -06:00
hwdsl2
217c3af7c4
Update docs
2022-12-17 01:08:33 -06:00
hwdsl2
fec1b7c7a2
Update IKEv2 script
...
- Improve MOBIKE detection by checking whether the IKEv2 connection
is successfully loaded. If not, the server's Linux kernel may not
support MOBIKE, and we disable it in ikev2.conf.
- This will help prevent the issue where the IKEv2 connection fails
to load on some systems due to lack of MOBIKE support. Note that
the script already has checks for MOBIKE support that cover common
cases.
- Related issues:
https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/330
https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/298
https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/247
2022-12-01 21:45:57 -06:00
hwdsl2
fad9e0d34d
Update IKEv2 setup log
...
- When using the IKEv2 change server address script on Docker,
update the IKEv2 setup log with the new server address, so that
it can be displayed in the container logs after a restart.
2022-12-01 21:25:41 -06:00
hwdsl2
8817e6f924
Update docs
...
- Update IKEv2 instructions for Linux clients.
Ref: #1282
2022-11-26 10:51:01 -06:00
hwdsl2
651c404bf6
Improve sysctl settings
...
- For enabling TCP BBR congestion control, add a check to make sure
tcp_congestion_control exists.
2022-11-20 15:01:44 -06:00
hwdsl2
fc16499d28
Update docs
2022-11-19 10:23:17 -06:00
hwdsl2
94e005c7aa
Update docs
2022-11-14 03:13:08 -06:00
hwdsl2
9188cd5b82
Update docs
2022-11-10 03:14:30 -06:00
hwdsl2
f558f26520
Update docs
...
- Add a troubleshooting section for IKEv2 "parameter is incorrect"
error.
- Fixes #1268 . See also #873 .
2022-11-07 23:20:01 -06:00
hwdsl2
4835154f84
Update docs
2022-11-06 01:33:12 -05:00
hwdsl2
46640c01b1
Update docs
2022-11-06 00:28:28 -05:00
hwdsl2
edd05df89c
Update IKEv2 script
...
- Improve the optional VPN On Demand feature on macOS and iOS.
Connect only on WiFi networks (instead of any network), with
captive portal detection. This is the most common use case.
2022-10-30 15:45:11 -05:00
hwdsl2
cbd356ac1a
Update docs
2022-10-29 14:21:25 -05:00
hwdsl2
117d76b309
Update docs
...
- Add instructions for Chrome OS (Chromebook) for IKEv2 mode
- Update instructions for Chrome OS for IPsec/L2TP mode
- Cleanup
2022-10-29 01:16:04 -05:00
hwdsl2
5943b2a041
Update docs
2022-10-28 22:13:05 -05:00
hwdsl2
4f8a19d337
Update OS check
...
- Add a check for Ubuntu 18.04 on architectures other than x86_64,
which is not supported by the VPN scripts for Libreswan 4.9.
2022-10-24 18:50:51 -05:00
hwdsl2
19d4ea067f
Update docs
2022-10-23 15:10:00 -05:00
hwdsl2
2bd37ccf66
Cleanup
...
- Save a redirect and make VPN setup slightly faster by using
raw.githubusercontent.com directly instead of
https://github.com/hwdsl2/setup-ipsec-vpn/raw/ ...
2022-10-23 14:05:57 -05:00
hwdsl2
5732125abf
Update docs
2022-10-23 11:21:29 -05:00
hwdsl2
4174ffa3ef
Improve VPN setup
...
- Improve download of VPN helper scripts during setup.
Note: https://github.com/hwdsl2/setup-ipsec-vpn/raw/master/extras/ ...
redirects to
https://raw.githubusercontent.com/hwdsl2/setup-ipsec-vpn/master/extras/ ...
Use the latter directly so that Wget can reuse the same connection
for all 3 helper scripts.
- For Ubuntu 18.04, improve download of NSS packages and add fallback URLs.
2022-10-22 23:55:06 -05:00
hwdsl2
780f815540
Improve VPN setup
...
- For Ubuntu 18.04, download NSS packages from GitHub for improved
reliability.
- Check and skip installing NSS packages if already installed.
2022-10-21 23:37:47 -05:00
hwdsl2
1b5030b8da
Update tests
2022-10-21 00:11:47 -05:00
hwdsl2
ed9eb5183c
Update docs
2022-10-21 00:11:30 -05:00
hwdsl2
d1da04b1d4
New Libreswan version
...
- Support upgrading to Libreswan 4.9.
- Compilation of Libreswan 4.9 on Ubuntu 18.04 requires newer
versions of NSS packages. They are installed in a similar way
as apply_ubuntu1804_nss_fix in ikev2setup.sh.
Ref: https://github.com/libreswan/libreswan/issues/892
2022-10-21 00:11:15 -05:00
hwdsl2
28d1f494f0
New Libreswan version
...
- Use new Libreswan version 4.9.
- Compilation of Libreswan 4.9 on Ubuntu 18.04 requires newer
versions of NSS packages. They are installed in a similar way
as apply_ubuntu1804_nss_fix in ikev2setup.sh.
Ref: https://github.com/libreswan/libreswan/issues/892
2022-10-21 00:10:58 -05:00
hwdsl2
f82e65d871
Update docs
2022-10-20 01:02:29 -05:00
hwdsl2
fef608a91a
Update IKEv2 script
...
- Cleanup
2022-10-19 00:31:52 -05:00
hwdsl2
2ce20e792c
Update docs
2022-10-16 22:59:43 -05:00
hwdsl2
24bc89149a
Update docs
2022-10-16 00:50:54 -05:00
hwdsl2
3dc675ba37
Add client validity option
...
- For IKEv2 mode, add a new variable VPN_CLIENT_VALIDITY for specifying
the client certificate validity period (in months). Must be an integer
between 1 and 120. Default value is 120. Users can define it as an
environment variable when setting up IKEv2 in auto mode, or when
adding a new IKEv2 client using "--addclient".
2022-10-16 00:45:45 -05:00
hwdsl2
0d4934c439
Update docs
2022-10-14 23:35:22 -05:00
hwdsl2
ad2883fa74
Update tests
2022-10-14 01:24:39 -05:00
hwdsl2
194d188313
Update docs
2022-10-14 00:36:09 -05:00
hwdsl2
e12ffa2222
Update docs
2022-10-10 08:54:52 -05:00
hwdsl2
ed359619bb
Cleanup
2022-10-10 00:29:25 -05:00
hwdsl2
bd291e91a1
Cleanup
2022-10-07 00:19:00 -05:00
hwdsl2
3bf17a75db
Improve interface check
...
- Install iproute (for the "ip" command) in the unlikely cases that
both "route" and "ip" commands are unavailable.
2022-10-04 22:52:37 -05:00
hwdsl2
6e596825e2
Improve VPN ciphers
...
- Improve security by removing support for modp1536 (DH group 5),
which is less secure and rarely used by VPN clients. To do this,
we specify modp2048 on the "ike=" line in ipsec.conf.
2022-09-30 01:11:18 -05:00
hwdsl2
4b15a5d2f9
Update docs
2022-09-30 01:04:50 -05:00