1
0
mirror of synced 2024-11-22 21:16:02 +03:00
Commit Graph

308 Commits

Author SHA1 Message Date
hwdsl2
23458655ac Update IKEv2 docs
- Add "pfs=no" to fix IKEv2 disconnect issues (at 8 mins) on iOS/macOS
- Replace "fragmentation" with "ike-frag" for compatibility
- Fixes #474
- Ref: https://github.com/libreswan/libreswan/issues/222
- Ref: http://www.openradar.appspot.com/29821241
2018-11-04 00:59:01 -05:00
hwdsl2
f1c8c06af1 Improve VPN ciphers
- Replace "aes_gcm256-null,aes_gcm128-null" with "aes_gcm-null" to
  improve compatibility with some Linux kernels
- Ref: https://libreswan.org/wiki/FAQ#Using_aes_gcm_or_aes_ctr_results_in_ERROR:_netlink_response_for_Add_SA_esp.XXXXXXXX.40IPADDRESS_included_errno_22:_Invalid_argument
2018-11-02 01:54:49 -05:00
hwdsl2
ce895e7116 Update IKEv2 docs
- Change 'mobike' from 'yes' to 'no' by default, because it is not
  available on Ubuntu and can prevent the IKEv2 config from loading
2018-11-02 01:30:11 -05:00
hwdsl2
e797493a17 Update IKEv2 docs 2018-10-30 00:00:08 -05:00
hwdsl2
ccc93a8c96 Update docs 2018-10-29 01:27:04 -05:00
hwdsl2
5f75a7306a Improve VPN ciphers
- Revert 'sha2-truncbug' from 'no' to 'yes' to fix compatibility with
  Android versions 6.x and 7.x.
- Remove aes128-sha2_512 algorithm
- Ref: 732ad1e
2018-10-28 00:33:42 -05:00
hwdsl2
732ad1e941 Improve VPN ciphers
- Optimize VPN ciphers and their order for improved security and
  compatibility with different OS. Remove 3DES algorithm
- Change 'sha2-truncbug' from 'yes' to 'no'
- Update docs
2018-10-27 00:53:19 -05:00
hwdsl2
2f9f5c39de Update IKEv2 docs
- Add known issue about multiple IKEv2 clients from behind the same NAT
- Ref: #469
2018-10-26 15:16:39 -05:00
hwdsl2
f05bf90dbc Update IKEv2 docs
- Enable MOBIKE option for Libreswan 3.23 and newer
- Add AES-GCM cipher for improved performance
2018-10-25 01:07:56 -05:00
hwdsl2
0442d25217 Update IKEv2 docs 2018-10-21 20:52:05 -05:00
hwdsl2
804211c101 Cleanup 2018-10-21 00:20:54 -05:00
hwdsl2
599eb1aa8a Update IKEv2 docs
- Add IKEv2 instructions for OS X (macOS) clients
- Cleanup
2018-10-16 20:29:07 -05:00
hwdsl2
9c529435cf Fix IKEv2 docs
- Fixed an issue with address pool clashing by reverting to
  rightaddresspool=192.168.43.10-192.168.43.250
- Replaced "Example" with "IKEv2 VPN" for clarity
- Closes #465
2018-10-14 23:53:06 -05:00
hwdsl2
26ef49b099 Update IKEv2 docs
- Add instructions for iOS (iPhone/iPad). Thanks @zzuzjl for the
  suggestion!
- Change IKEv2 address pool to 192.168.43.150-192.168.43.250 to help
  avoid conflict with IPsec/XAuth
- Closes #453. Closes #461
- Cleanup
2018-10-13 14:26:09 -05:00
hwdsl2
20f57975b3 Update docs
- Add notes for the faster IPsec/XAuth and IKEv2 modes
- Cleanup
2018-09-30 18:36:42 -05:00
hwdsl2
7d4ac79259 Update IKEv2 docs
- Re-add Android instructions to IKEv2 docs because it is fixed in
  Libreswan 3.26
- Ref: 964b793 #307
- Cleanup
2018-09-22 01:58:58 -05:00
hwdsl2
5d3f4eb7e6 Update docs
- Update README and IKEv2 docs for Libreswan 3.26
2018-09-21 23:56:16 -05:00
hwdsl2
716bdad687 Update docs
- Add troubleshooting sections for Windows 10 version 1803 and macOS
  IPsec/L2TP mode "Send all traffic"
- Cleanup
- Ref: #442 #376
2018-09-14 00:01:00 -05:00
hwdsl2
7ce65083af Update IKEv2 docs
- Skip the "random keystrokes" step when generating certificates
  (use /dev/urandom instead)
- Cleanup
2018-09-06 00:22:31 -05:00
hwdsl2
89e105fcda Update docs
- Closes #433
2018-09-04 00:51:58 -05:00
hwdsl2
c8e1bbe6d0 Update docs
- Add note for Windows 10 upgrade issues. Closes #376
- Add note for Android VPN troubleshooting. Ref: #416
2018-07-17 00:23:14 -05:00
hwdsl2
b8088d3934 Improve EPEL repo
- Improve handling of the EPEL repository. Although uncommon, some systems
  can have epel-release installed but disabled in /etc/yum.repos.d/epel.repo
- Fixes #210
2018-07-04 20:07:32 -05:00
hwdsl2
94ca6536c8 Update docs
- Fix/Update links
- Add reg files for Windows Error 809 fix
- Move Linux client instructions
2018-05-13 15:26:14 -05:00
hwdsl2
9417d26afd Update docs
- Improve Chromebook troubleshooting section
2018-05-10 00:11:59 -05:00
hwdsl2
05847255e5 Update docs
- Fix Shrew Soft VPN Client instructions
- Tested and working in Windows 7
- Closes #326
- Closes #379
2018-05-09 02:46:03 -05:00
hwdsl2
964b7934aa Update IKEv2 docs
- Add rightid=%fromcert to ipsec.conf
- Remove strongSwan Android VPN client instructions due to issues (#307)
2018-05-08 03:11:48 -05:00
hwdsl2
a3ee9ce033 Update docs 2018-05-08 01:05:22 -05:00
hwdsl2
17ca2ee87f Update docs 2018-05-05 19:37:33 -05:00
hwdsl2
0c6cb4b8a9 Update year 2018-05-05 18:49:38 -05:00
hwdsl2
36208fa4ca Update docs 2018-02-17 10:05:34 -06:00
hwdsl2
43dbac6c3c Update docs 2018-02-11 00:37:00 -06:00
hwdsl2
70c6d6b540 Various clean up 2017-11-01 01:01:49 -05:00
hwdsl2
68a6375399 Update docs 2017-10-27 01:02:03 -05:00
Any
e316c8cdf8 Troubleshooting error 728 (#250)
* Update docs
2017-10-27 00:35:51 -05:00
hwdsl2
087306dbf5 Update docs 2017-10-02 21:55:21 -05:00
hwdsl2
f8414c40f6 Update images
- Update VPN properties screenshots for MS-CHAP v2
2017-09-25 18:59:04 -05:00
hwdsl2
bc0324f957 Improve IKEv2 docs
- Make it clear how to use the VPN server's DNS name to connect
2017-06-03 14:53:45 -05:00
hwdsl2
47a9015135 Improve VPN ciphers
- Add 3des-sha2 to allowed VPN ciphers, and clean up
2017-06-02 14:24:55 -05:00
hwdsl2
654ddcdfa4 Update docs 2017-05-30 15:01:26 -05:00
hwdsl2
d437f7044d Update docs
- Add troubleshooting notes for Chromebook users
- Closes #147
2017-05-16 16:05:25 -05:00
hwdsl2
7aeae4c8b8 Update docs 2017-05-05 10:37:45 -05:00
hwdsl2
4c6aa6e3a1 Update docs 2017-05-02 16:55:54 -05:00
hwdsl2
f58afbc84b Update VPN ciphers
- Add aes256-sha2_512 to the list of allowed ciphers
- Required for Android 7.1.x and (possibly) Chromebook
2017-04-12 10:17:08 -05:00
hwdsl2
fec47196d6 Update docs 2017-03-19 22:10:49 -05:00
hwdsl2
03007079e6 Improve VPN IPs
- Use %defaultroute and iptables MASQUERADE, no need to detect private IP
- Use %any for the first field of ipsec.secrets, instead of public IP
- As a result, the VPN server should now better adapt to IP changes.
2017-02-10 18:00:29 -06:00
hwdsl2
f7961242e4 Update docs 2017-02-10 10:32:24 -06:00
hwdsl2
e6b9208eeb Update docs 2017-02-07 21:12:31 -06:00
hwdsl2
8c0940f63b Update docs
- Improve IKEv2 docs. The strongSwan Android VPN client requires
  an "IP address" in the VPN server certificate's subjectAltName field
  in addition to "DNS name", when connecting using the server's IP.
  The certutil commands have been updated to add this field.
- Other improvements to docs
2017-02-05 14:48:11 -06:00
hwdsl2
c8d8730fd0 Minor fix
[ci skip]
2017-01-26 17:42:13 -06:00
hwdsl2
758f0e1418 Fix IKEv2 docs
- Windows 8.x and 10 require the IKEv2 machine certificate to have
  "Client Auth" EKU in addition to "Server Auth". Otherwise it gives
  "Error 13806: IKE failed to find valid machine certificate..."
- The IKEv2 documentation has been updated to fix this issue
- Also, this Libreswan wiki page may need to be updated. @letoams
  https://libreswan.org/wiki/VPN_server_for_remote_clients_using_IKEv2
- Ref: #106. Thanks @evil-shrike!
2017-01-26 17:15:43 -06:00
hwdsl2
a156a1f5f3 Update docs
[ci skip]
2017-01-25 13:12:47 -06:00
hwdsl2
0c8f117fd9 Update docs
[ci skip]
2017-01-21 12:13:27 -06:00
hwdsl2
63697214b4 Improve VPN ciphers
- Consolidate VPN ciphers for "ike=" and "phase2alg=" in ipsec.conf.
2017-01-18 23:01:09 -06:00
hwdsl2
e40dd6219b Bugfix
- Libreswan 3.19 removed MODP1024 from the ike= default list,
  which breaks compatibility with Android 5.x and others
- This commit explicitly adds MODP1024 back to the ike= list
- Fixes #101. Thanks @keijodputt!
2017-01-18 20:10:43 -06:00
hwdsl2
5cbadb643b Update docs
[ci skip]
2017-01-18 16:31:42 -06:00
hwdsl2
c8bfb7c741 Update docs
[ci skip]
2017-01-18 01:50:43 -06:00
hwdsl2
e767b462a5 Fix docs
- Further improve IKEv2 config for Windows 7/8/10
- Ref: 9455b19
2017-01-17 11:31:40 -06:00
hwdsl2
9455b19119 Fix docs
- Libreswan 3.19 requires configuration changes in ipsec.conf
  for IKEv2, so that Windows 7/8/10 clients can connect
2017-01-17 02:22:46 -06:00
hwdsl2
2727f1a1a0 Update year 2017-01-16 22:13:13 -06:00
hwdsl2
3735530015 Update docs
[ci skip]
2017-01-16 17:27:08 -06:00
hwdsl2
e41cf78b53 Update docs
[ci skip]
2017-01-03 23:31:56 -06:00
hwdsl2
e6ebdeaaf8 Update docs
[ci skip]
2016-12-30 16:24:47 -06:00
hwdsl2
af1af539aa Update docs
[ci skip]
2016-11-23 20:19:05 -06:00
hwdsl2
6d99a01b0a Remove SHA2 workaround
- Libreswan 3.18 and higher prefers sha2_512 over sha2_256
- The 'sha2-truncbug=yes' workaround is no longer needed
- Ref: https://libreswan.org/wiki/FAQ#Configuration_Matters
2016-11-06 14:40:30 -06:00
hwdsl2
75bcdfae75 Update docs
[ci skip]
2016-10-29 18:36:58 -05:00
hwdsl2
13db1d4a7f Improve Linux instructions
- Add option "noipdefault" to fix Linux clients behind NAT
- Specify VPN username and password in the config file
- Combine the Ubuntu/Debian and CentOS/Fedora sections
- [ci skip]
2016-10-25 18:08:36 -05:00
hwdsl2
44eb55f9f3 Update docs
[ci skip]
2016-10-24 09:53:07 -05:00
hwdsl2
5193d199ca Improve Linux client instructions
[ci skip]
2016-10-21 09:05:33 -05:00
hwdsl2
2e7913bd44 Update docs
[ci skip]
2016-10-15 14:49:20 -05:00
hwdsl2
65f1bcd726 Update docs
[ci skip]
2016-10-08 15:03:06 -05:00
hwdsl2
1f7d9f1687 Update IKEv2 howto
[ci skip]
2016-09-28 14:58:04 -05:00
hwdsl2
6d3b7239de Update docs
[ci skip]
2016-09-28 00:00:19 -05:00
hwdsl2
b8bc702f21 Update docs
[ci skip]
2016-09-18 17:30:23 -05:00
hwdsl2
56a96603f9 Update docs
[ci skip]
2016-09-11 16:16:52 -05:00
hwdsl2
77d0f0bc93 Add IKEv2 how to
[ci skip]
2016-08-30 11:35:24 -05:00
hwdsl2
72d0f7ff52 Clean up docs
[ci skip]
2016-08-26 15:48:32 -05:00
hwdsl2
dad10f7ad7 Update docs
- Fix instructions for Shrew Soft client
- [ci skip]
2016-08-25 23:36:34 -05:00
hwdsl2
5064f3a6d6 Update docs
- Improve Android 6 workaround
- [ci skip]
2016-08-19 01:52:13 -05:00
hwdsl2
b27f58f785 Update README.md
[ci skip]
2016-08-15 01:13:15 -05:00
hwdsl2
28a8d496f0 Update docs
[ci skip]
2016-08-12 16:34:57 -05:00
hwdsl2
dc97e46542 Update docs
[ci skip]
2016-08-11 17:31:08 -05:00
hwdsl2
da8726e24e Update docs
[ci skip]
2016-07-22 22:48:25 -05:00
hwdsl2
8acee7ec39 Update docs
[ci skip]
2016-07-18 15:24:56 -05:00
hwdsl2
bb61197b4f Minor corrections to docs
[ci skip]
2016-07-06 09:09:42 -05:00
hwdsl2
9b541c6da3 Update docs
[ci skip]
2016-07-03 10:01:19 -05:00
hwdsl2
8475a9bb99 Improve docs
[ci skip]
2016-06-28 17:42:39 -05:00
hwdsl2
f0804e5184 Remove IP6Tables rules
- Not needed for the VPN to work
2016-06-26 01:09:13 -05:00
hwdsl2
461dbc2fbc Minor corrections to docs
[ci skip]
2016-06-25 10:45:58 -05:00
hwdsl2
681f10cd70 Improve docs
- Add translation for uninstall.md
- Various corrections to docs
- [ci skip]
2016-06-24 18:23:31 -05:00
littleguga
f12457d703 add table of content 2016-06-24 02:16:01 +03:00
littleguga
bb0f9934f6 add uninstall instructions 2016-06-24 02:10:25 +03:00
hwdsl2
993f962261 Minor corrections to docs
[ci skip]
2016-06-22 02:53:05 -05:00
hwdsl2
cf1c387400 Minor corrections to docs
[ci skip]
2016-06-08 20:06:07 -05:00
hwdsl2
455f659c59 Move README section to new docs 2016-06-07 21:08:39 -05:00
hwdsl2
003ccc4445 Improve docs for Windows clients
[ci skip]
2016-06-01 20:04:12 -05:00
hwdsl2
80295518c6 Add instructions to manage VPN users 2016-05-21 19:26:19 -05:00
hwdsl2
d9026fe05d Minor corrections to docs 2016-05-21 14:37:43 -05:00
hwdsl2
631e3db107 Minor corrections to docs 2016-05-21 05:40:56 -05:00
hwdsl2
59a914ec6d Minor corrections to docs 2016-05-20 02:32:37 -05:00
hwdsl2
6b9a3cae4d Improve docs for Windows users 2016-05-19 01:53:42 -05:00
hwdsl2
eddcd9ec3b Update docs to reflect new changes 2016-05-18 23:15:15 -05:00
hwdsl2
3afa732b6d Minor corrections to docs 2016-05-17 22:40:58 -05:00
hwdsl2
d5f4a1ecaa Add client setup docs for IPsec/XAUTH 2016-05-17 11:26:51 -05:00
hwdsl2
1502ad67c2 Minor corrections to docs 2016-05-13 01:46:26 -05:00
hwdsl2
7e06ad16c4 Minor corrections to docs 2016-05-11 03:18:20 -05:00
hwdsl2
aaccabd55a Add notes on multiple VPN users 2016-05-11 02:30:40 -05:00
hwdsl2
d842888f69 Minor corrections to docs 2016-05-11 00:56:33 -05:00
hwdsl2
de8d25a540 Add instructions for client setup 2016-05-10 23:26:48 -05:00