hwdsl2
3b4a666e02
Update workflows
2020-07-09 01:41:52 -05:00
hwdsl2
0f7ea7610d
Update docs
2020-07-07 12:17:09 -05:00
hwdsl2
8f42527e16
Update workflows
2020-07-07 12:16:55 -05:00
hwdsl2
5344da426f
Update docs
2020-07-07 01:52:14 -05:00
hwdsl2
b686bbb0df
Add workflows
...
- Run automated tests on multiple OS using GitHub actions
2020-07-07 01:51:04 -05:00
hwdsl2
bff3fe5a4b
Fix for EPEL repo
...
- Add workaround for EPEL repo issues
2020-07-06 23:03:13 -05:00
hwdsl2
71dc5bab01
Update IKEv2 docs
...
- Connecting multiple IKEv2 clients from behind the same NAT
requires setting the "local ID" field to match the client name.
Ref: https://github.com/libreswan/libreswan/issues/237
2020-07-06 22:42:45 -05:00
hwdsl2
93e89919ac
Update IKEv2 docs
2020-07-04 01:35:10 -05:00
hwdsl2
8283bdb32f
CentOS/RHEL 8 fix
...
- Fix fail2ban rules for nftables on CentOS/RHEL 8
2020-07-02 17:52:13 -05:00
hwdsl2
012c19fed1
Update IKEv2 script
...
- Allow specifying the validity period of client certificates
2020-07-02 11:48:35 -05:00
hwdsl2
9ec99c8512
Update docs
2020-06-12 11:09:58 -05:00
hwdsl2
3faa8fd86e
Improve DNS check
2020-06-12 11:05:42 -05:00
hwdsl2
50ac87c7b3
Update docs
2020-06-11 01:37:47 -05:00
hwdsl2
cf2ed17ae6
Update IKEv2 script
...
- Improve error handling and move ikev2 config to the last step
2020-06-11 01:32:31 -05:00
hwdsl2
2def2f2f20
Update docs
2020-06-08 02:01:17 -05:00
hwdsl2
8ea8bbfa4e
Update IKEv2 docs
...
- Add instructions for add/revoke client certificates
2020-06-06 23:09:58 -05:00
hwdsl2
b7293e95da
Cleanup
2020-06-05 11:00:23 -05:00
hwdsl2
f3a93e17fc
Update IKEv2 docs
2020-06-05 00:44:33 -05:00
hwdsl2
333a63850e
Update IKEv2 script
...
- Support adding IKEv2 VPN clients
- Users can specify name for the first VPN client
2020-06-05 00:29:15 -05:00
hwdsl2
99e87f5287
Update IKEv2 docs
2020-05-31 17:37:49 -05:00
hwdsl2
204904abf4
Update IKEv2 docs
2020-05-30 23:13:14 -05:00
hwdsl2
e1e1b67afd
Improve IKEv2 setup
...
- Use /etc/ipsec.d/ikev2.conf for IKEv2 configuration
- Allow running from inside a container, so that it can be used with:
https://github.com/hwdsl2/docker-ipsec-vpn-server
2020-05-30 23:09:32 -05:00
hwdsl2
5894ea2e1f
Update IKEv2 script
...
- Allow running from inside a container, so that it can be used with:
https://github.com/hwdsl2/docker-ipsec-vpn-server
2020-05-30 17:35:27 -05:00
hwdsl2
60d89c7181
Update docs
2020-05-30 02:52:49 -05:00
hwdsl2
9a9496b41b
Update docs
2020-05-25 14:29:51 -05:00
hwdsl2
5fe5f04835
Update upgrade scripts
...
- Ref: 71d67ae
2020-05-25 13:40:04 -05:00
hwdsl2
71d67ae690
CentOS/RHEL fixes
...
- Use nftables only if firewalld is active (CentOS/RHEL 8)
- Fix RHEL 7 server-optional repo names. See:
https://access.redhat.com/articles/4599971
- Fix an issue where the codeready-builder repo cannot be enabled
on EC2 (RHEL 8). Fixes #804 .
2020-05-24 15:07:08 -05:00
hwdsl2
a087be669f
Cleanup
2020-05-24 00:14:05 -05:00
hwdsl2
d457ebd16d
CentOS 8 fixes
...
- Use nftables instead of iptables-services for CentOS 8
- Existing firewalld rules are now preserved during VPN setup,
which will be saved as part of nftables rules
2020-05-24 00:10:35 -05:00
hwdsl2
fab5d51d78
Cleanup
...
- No need to apply IPTables rules for Ubuntu/Debian
2020-05-23 17:57:38 -05:00
hwdsl2
54d0d9d37d
Update docs
2020-05-21 00:22:05 -05:00
hwdsl2
0a0607feb9
Update IKEv2 script
...
- Save client configuration to home folder
2020-05-17 18:09:40 -05:00
hwdsl2
09c68fda01
Update docs
...
- Add troubleshooting section for Android MTU/MSS issues
- Remove "Access VPN server's subnet". This seems to work fine using
the default configuration, without additional IPTables rules
2020-05-16 23:35:52 -05:00
hwdsl2
b028661f6f
Update IKEv2 script
...
- Raspberry Pi (Raspbian) kernels do not support MOBIKE
2020-05-16 22:11:01 -05:00
hwdsl2
f38e2ea4f2
Cleanup
2020-05-14 23:07:47 -05:00
hwdsl2
d44b09d577
Update docs
2020-05-11 23:23:38 -05:00
hwdsl2
5bf8b86192
Update IKEv2 script
...
- Fix CentOS detection
- Set MOBIKE question default to 'yes'
2020-05-11 23:15:05 -05:00
hwdsl2
6a285499e3
Update upgrade scripts
...
- Support upgrading to Libreswan 3.32
- Update ikev2 setup helper script
2020-05-11 11:28:37 -05:00
hwdsl2
b293aa3081
New Libreswan version
...
- Upgrade Libreswan to 3.32
2020-05-11 10:59:08 -05:00
hwdsl2
207fb6574d
Update links
...
- Add a link to IKEv2 how-to guide
2020-05-11 01:19:03 -05:00
hwdsl2
ace41ebc29
Add IKEv2 script
...
- Add a helper script for automatic IKEv2 setup
- Update IKEv2 docs
2020-05-11 01:18:34 -05:00
hwdsl2
1839943b0e
Update docs
2020-05-03 22:12:17 -05:00
hwdsl2
9e6b26b1b2
Update docs
2020-05-03 01:59:37 -05:00
hwdsl2
7076376aac
Update IKEv2 docs
...
- For users running Libreswan 3.31, the "Use RSA/PSS signatures" option
needs to be enabled in the strongSwan Android VPN client.
- Ref: https://lists.libreswan.org/pipermail/swan/2020/003440.html
2020-04-30 01:13:39 -05:00
hwdsl2
f15db57ea5
Fix upgrade bug
...
- Fixed an issue where the upgrade script could break the IKEv2 section
of /etc/ipsec.conf for users who manually added IKEv2
2020-04-30 00:12:56 -05:00
hwdsl2
dae0c03356
Improve output
...
- Inhibit warning messages from Libreswan compilation
2020-04-29 11:00:25 -05:00
hwdsl2
5983c79904
Fix IKEv2
...
- Apply fix for an IKEv2 regression in Libreswan
- Ref: https://github.com/libreswan/libreswan/commit/90f8a09
https://github.com/libreswan/libreswan/issues/333
https://github.com/libreswan/libreswan/issues/329
2020-04-26 16:27:00 -05:00
hwdsl2
dbb3c6b436
Improve RPi workaround
...
- Newer Raspbian kernels now support SHA512
2020-04-26 00:32:54 -05:00
hwdsl2
c251d6d6ea
Add Ubuntu 20.04
2020-04-25 23:02:24 -05:00
hwdsl2
48d9b06bab
Update upgrade scripts
...
- Support upgrading to Libreswan 3.31
2020-04-12 00:28:00 -05:00