1
0
mirror of synced 2024-11-22 21:16:02 +03:00
Commit Graph

747 Commits

Author SHA1 Message Date
hwdsl2
ee409250d8 Improve IKEv2 setup
- Increase RSA key size from the default 2048 bits to 3072 bits
- Use fixed delay between certutil calls, a random delay is not needed
- Update docs
2021-05-01 14:46:12 -05:00
hwdsl2
21a72d6232 Update docs 2021-04-30 09:42:36 -05:00
hwdsl2
9bd716dda8 Update docs 2021-04-26 22:59:30 -05:00
hwdsl2
c55bdd7d13 Update permissions
- Set executable bit for ikev2.sh
2021-04-26 22:55:32 -05:00
hwdsl2
c9e3bff6e2 Update tests 2021-04-26 00:08:16 -05:00
hwdsl2
7fa6df6105 Update docs
- Remove Ubuntu 16.04, whose standard support will end on April 30,
  2021
- Add a note on CentOS Linux 8
2021-04-26 00:06:17 -05:00
hwdsl2
92d3835311 Remove Ubuntu 16.04
- Remove Ubuntu 16.04 from templates, whose standard support will end on
  April 30, 2021.
2021-04-26 00:01:14 -05:00
hwdsl2
5d5bcf6857 Update IKEv2 docs 2021-04-24 22:56:51 -05:00
hwdsl2
e850fca9c3 Update IKEv2 script
- Remove MODP1024 from IKEv2 ciphers for improved security. Windows users
  will need to make a one-time registry change before connecting for the
  first time. Refer to https://git.io/ikev2.
2021-04-24 22:34:48 -05:00
hwdsl2
f72bdf1237 Update tests 2021-04-24 16:16:44 -05:00
hwdsl2
740f6d92d0 Update docs 2021-04-24 16:16:29 -05:00
hwdsl2
ac0bde54bb New Libreswan version
- Use new Libreswan version 4.4
- Support updating to Libreswan 4.4
- Other small improvements and cleanup
2021-04-24 16:15:05 -05:00
hwdsl2
d90c6121b6 Improve OS detection 2021-04-20 00:09:00 -05:00
hwdsl2
28b02f28db Fix for CentOS 8
- Minor fix for IPTables FORWARD rules on CentOS 8
- Cleanup
2021-04-19 00:38:50 -05:00
hwdsl2
dc1bcb21f9 Update docs 2021-04-18 14:28:00 -05:00
hwdsl2
10f09bbab6 Cleanup 2021-04-18 14:27:52 -05:00
hwdsl2
6c5e29351f Optimize images 2021-04-16 22:27:49 -05:00
hwdsl2
55aac9ad37 Update IKEv2 docs 2021-04-11 15:44:03 -05:00
hwdsl2
f35ea9ed0d Update IKEv2 script
- Improve output for auto mode when custom options are specified
2021-04-11 13:53:38 -05:00
hwdsl2
cc1223369f Update tests 2021-04-10 16:25:22 -05:00
hwdsl2
848ff7ba0a Update IKEv2 docs 2021-04-10 16:25:13 -05:00
hwdsl2
5076f9ec03 Update IKEv2 script
- Add an option to specify the name of the first IKEv2 client when
  running the script in auto mode. The default is "vpnclient".
- Cleanup
2021-04-10 16:24:49 -05:00
hwdsl2
804856064b Minor fix and cleanup
- Minor fix for CentOS 8 for the uncommon scenario where the server has
  "nftables" service enabled
- Cleanup
2021-04-01 23:06:36 -05:00
hwdsl2
d76ded2c52 Update docs 2021-03-31 00:58:06 -05:00
hwdsl2
7ac343db4d Update IKEv2 script
- Improve output
2021-03-30 23:47:59 -05:00
hwdsl2
7f8f231479 Update docs
- Add advanced usage for IKEv2-only VPN
2021-03-30 01:15:00 -05:00
hwdsl2
f2872197b1 Update docs 2021-03-29 15:07:41 -05:00
hwdsl2
356a5bd130 Update docs 2021-03-29 15:05:45 -05:00
hwdsl2
4d371e360e Update docs 2021-03-29 00:09:15 -05:00
hwdsl2
cec1dde5e4 Improve setup
- To make it easier for users to set up IKEv2, the IKEv2 helper script
  is now downloaded during VPN setup.
- Cleanup
2021-03-28 23:39:29 -05:00
hwdsl2
e6c2cbcd96 Update IKEv2 script 2021-03-28 23:39:04 -05:00
hwdsl2
191e0af9ff Update docs 2021-03-27 22:59:59 -05:00
hwdsl2
9437be8553 Update docs 2021-03-27 14:51:18 -05:00
hwdsl2
de2acaabc5 Update IKEv2 docs
- Add Linux instructions for IKEv2
2021-03-27 00:48:09 -05:00
hwdsl2
bf0f557416 Update docs 2021-03-21 14:48:44 -05:00
Jin Jie
170ea8cfa5
Fix availability zone selection (#953)
* Update cloudformation-template-ipsec.json

Co-authored-by: Scottpedia
2021-03-20 21:33:12 -05:00
Jin Jie
11a0ef16d5
Remove "beta" banner on AWS page and minor improvements (#952)
- Remove "beta" banner
- Update template file name to add "json" suffix
- Use a python dictionary to store AMI info

Co-authored-by: Scottpedia
2021-03-20 11:43:21 -05:00
hwdsl2
ff38c87632 Update docs 2021-03-20 00:06:31 -05:00
hwdsl2
cd3a0c1bed Update IKEv2 script
- Remove support for Libreswan 3.22 and older in the IKEv2 script. Users
  should update to a newer version before setting up IKEv2.
- Cleanup
2021-03-19 23:58:06 -05:00
hwdsl2
65ba2cfd2d Update tests 2021-03-14 03:01:59 -05:00
hwdsl2
f6dd26abba Improve setup
- Install uuid-runtime/util-linux, which is required for IKEv2 setup.
2021-03-13 14:39:05 -06:00
hwdsl2
eb8daa3a40 Update helper scripts
- Cleanup and minor improvements to the helper scripts for managing
  VPN users
2021-03-12 00:07:48 -06:00
hwdsl2
e48721c669 Update tests 2021-03-09 23:26:06 -06:00
hwdsl2
35c85526b6 Update IKEv2 script
- Minor improvement to client config message
2021-03-08 23:23:00 -06:00
hwdsl2
d54b2ac57a Cleanup 2021-03-07 23:38:38 -06:00
hwdsl2
8fa3bfac80 Cleanup 2021-03-07 00:12:46 -06:00
hwdsl2
1abcd704be Update IKEv2 config
- Use the AES_GCM128 cipher for improved performance
  Ref: https://libreswan.org/wiki/Benchmarking_and_Performance_testing
- Update docs
2021-03-06 14:07:07 -06:00
hwdsl2
11f8502e3a Improve IKEv2 setup
- Use default key size (2048 bits) when generating key pairs using
  certutil. This significantly reduces IKEv2 setup time on servers
  with less powerful CPUs, such as Raspberry Pis, while still providing
  sufficient security.
- Update docs
2021-03-05 21:33:41 -06:00
hwdsl2
e7e9bf2dc0 Update docs 2021-03-01 10:12:46 -06:00
hwdsl2
916765b544 Update docs 2021-02-28 23:13:54 -06:00