rms/setup-ipsec-vpn
1
0
Fork 0
mirror of https://github.com/hwdsl2/setup-ipsec-vpn.git synced 2026-05-16 23:55:44 +03:00
Code Issues Packages Projects Releases Wiki Activity
1,508 Commits 1 Branch 0 Tags
master
Commit Graph

397 Commits

Author SHA1 Message Date
hwdsl2
365d87d577 Improve VPN setup 
- Install package libcrypt-dev on Ubuntu/Debian, and package
  libxcrypt-devel on CentOS 8+, which are needed for Libreswan
  compilation. This change fixes VPN setup on Ubuntu 26.04.
 2026-04-25 21:55:17 -05:00
hwdsl2
18f78d7672 Improve OS check 2026-04-25 18:21:52 -05:00
hwdsl2
5414cdfb71 Improve IPv6 setup 
- Use a /116 subnet (4096 addresses) for IPv6.
- Set IPv6 forwarding in rc.local, in addition to sysctl.conf.
  In some cases, setting it in sysctl.conf may not work reliably.
 2026-03-20 01:42:03 -05:00
hwdsl2
b02d196ad2 Improve IPv6 check 2026-03-18 22:14:04 -05:00
hwdsl2
8167d54c44 Add IPv6 support 
- Add initial IPv6 support for IKEv2 mode. For VPN servers with
  a public (global unicast) IPv6 address, IPv6 support for
  IKEv2 clients is automatically enabled during VPN setup.
- Currently tested on Android using the strongSwan VPN client.
  Other platforms (e.g. Windows, macOS, iOS) may have limitations
  or require additional configuration for IPv6 to work.
 2026-03-17 00:21:43 -05:00
hwdsl2
9504188326 Cleanup 2026-03-16 22:27:55 -05:00
hwdsl2
ad61b354c5 Improve VPN config 
- Clean up obsolete Libreswan keywords
 2025-09-02 00:38:03 -05:00
hwdsl2
15c65778a1 Update OS support 
- Add Alpine Linux 3.22 and remove 3.20
- Cleanup
 2025-09-01 11:54:52 -05:00
hwdsl2
6c332e86db Update OS support 
- Add support for Debian 13
- Cleanup
 2025-08-28 02:31:08 -05:00
hwdsl2
4612cce33b Update OS check 
- Add a check for Debian 13, which is not currently supported.
 2025-08-15 08:29:38 -05:00
hwdsl2
4c6b042d8f New Libreswan version 
- Support upgrading to Libreswan 5.3.
 2025-07-06 11:15:08 -05:00
hwdsl2
909bf12175 Update OS support 
- Add CentOS Stream 10
- Add a check for Ubuntu 25.04, which is not currently supported.
 2025-05-13 00:28:40 -05:00
hwdsl2
794618f932 Minor fix 
- Use the first "leftcert" value when getting the IKEv2 server
  address. Ref: #1764
 2025-05-09 08:53:31 -05:00
hwdsl2
ad2768370b Minor fix 
- Use the first "leftcert" value when getting the IKEv2 server
  address.
- Fixes: #1764
 2025-05-09 08:52:15 -05:00
hwdsl2
474b450eaa New Libreswan version 
- Support upgrading to Libreswan 5.2.
 2025-03-05 23:55:04 -06:00
hwdsl2
1d2588f40b Update OS support 
- Add Alpine Linux 3.21 and remove 3.19.
 2025-03-05 23:23:55 -06:00
hwdsl2
37d7cd2418 Update OS check 
- Add a check for Ubuntu 24.10, which is not currently
  supported by this project. You may instead use e.g.
  Ubuntu 24.04 LTS.
- Cleanup
 2024-12-27 09:11:25 -06:00
hwdsl2
7bd6872d43 New Libreswan version 
- Support upgrading to Libreswan 5.1.
 2024-10-14 21:53:50 -05:00
hwdsl2
9a625dba29 Update OS support 
- Remove CentOS 7 and CentOS 8 Stream, which have reached EOL.
- Add Alpine Linux 3.20 and remove 3.18.
 2024-07-28 17:52:03 -05:00
hwdsl2
b5d19d7f65 New Libreswan version 
- Support upgrading to Libreswan 5.0.
 2024-05-02 20:47:33 -05:00
hwdsl2
6f2efd3b59 New Libreswan version 
- Use new Libreswan version 5.0.
  Ref: https://lists.libreswan.org/pipermail/swan-announce/2024/000058.html
 2024-05-02 20:44:54 -05:00
hwdsl2
b58e65eb3c Add Ubuntu 24.04 
- Add support for Ubuntu 24.04 LTS
  Ref: https://github.com/libreswan/libreswan/commit/46e9115
 2024-04-27 11:03:58 -05:00
hwdsl2
ca8619476d New Libreswan version 
- Support upgrading to Libreswan 4.15.
 2024-04-17 20:43:02 -05:00
hwdsl2
bf0edf5627 Update OS support 
- Cleanup. Ref: 1442e9f.
 2024-04-14 14:21:03 -05:00
hwdsl2
1442e9f35c Update OS support 
- Remove support for Ubuntu 18.04 and Debian 9, which reached EOL
  in June 2023 and July 2022, respectively.
- Cleanup
 2024-04-14 11:31:33 -05:00
hwdsl2
25670f39e7 Update IKEv2 script 
- Update client config file generation code due to a recent change
  on Ubuntu 20.04: The libnss3 package was recently updated to
  version 3.98 on Ubuntu 20.04, which requires these changes to the
  IKEv2 script.
  Ref: https://packages.ubuntu.com/focal/libnss3
 2024-04-10 22:06:28 -05:00
hwdsl2
3b24405cdd New Libreswan version 
- Support upgrading to Libreswan 4.14.
 2024-03-16 11:52:16 -05:00
hwdsl2
198bd98fbb Update year 2024-02-03 15:31:58 -06:00
hwdsl2
5bb63dac28 Update Alpine Linux versions 
- Add Alpine Linux 3.19 and remove 3.17.
 2024-02-03 15:24:29 -06:00
hwdsl2
9268ad2e05 Update IKEv2 script 
- Add a command line option "-y" (or "--yes") to assume "yes" as answer
  to prompts when revoking/deleting a client or removing IKEv2.
  Ref: #1499
 2023-12-13 13:03:17 -06:00
hwdsl2
5a9402b75b Improve VPN ciphers 
- Update VPN ciphers for compatibility with macOS 14 (Sonoma).
  Ref: #1486, libreswan/libreswan#1450
 2023-12-09 23:39:07 -06:00
hwdsl2
8cbbe1cddd Cleanup 
- Remove quickstart.sh, which was removed from project
  documentation in March 2022, and no longer in use.
 2023-11-06 22:14:05 -06:00
hwdsl2
c8bb2bc36c New Libreswan version 
- Support upgrading to Libreswan 4.12.
 2023-08-11 00:08:25 -05:00
hwdsl2
16f5a1d81f Update Alpine Linux versions 
- Add Alpine Linux 3.18 and remove 3.16.
 2023-08-10 23:33:06 -05:00
hwdsl2
e79e64174c Update OS check 2023-06-14 23:52:54 -05:00
hwdsl2
4c5f4e8327 Update OS check 
- Update OS check to detect Amazon Linux 2023, which is not currently
  supported for use with this project.
  Ref: #1388
 2023-05-21 22:19:30 -05:00
hwdsl2
efcfbe8da3 New Libreswan version 
- Support upgrading to Libreswan 4.11.
 2023-05-05 00:07:07 -05:00
hwdsl2
2039f91151 New libnss3 version 
- Use new version of libnss3 for Ubuntu 18.04 NSS fix.
 2023-03-01 21:26:04 -06:00
hwdsl2
1a79a5cfce New Libreswan version 
- Support upgrading to Libreswan 4.10.
 2023-03-01 08:55:12 -06:00
hwdsl2
3f12b9583b Update Alpine Linux versions 
- Add Alpine Linux 3.17 and remove 3.15.
 2023-02-11 23:08:37 -06:00
hwdsl2
dc32e28f47 Cleanup 2023-01-13 00:36:49 -06:00
hwdsl2
c356a75bca Update docs 2023-01-04 18:58:29 -06:00
hwdsl2
fec1b7c7a2 Update IKEv2 script 
- Improve MOBIKE detection by checking whether the IKEv2 connection
  is successfully loaded. If not, the server's Linux kernel may not
  support MOBIKE, and we disable it in ikev2.conf.
- This will help prevent the issue where the IKEv2 connection fails
  to load on some systems due to lack of MOBIKE support. Note that
  the script already has checks for MOBIKE support that cover common
  cases.
- Related issues:
  https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/330
  https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/298
  https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/247
 2022-12-01 21:45:57 -06:00
hwdsl2
fad9e0d34d Update IKEv2 setup log 
- When using the IKEv2 change server address script on Docker,
  update the IKEv2 setup log with the new server address, so that
  it can be displayed in the container logs after a restart.
 2022-12-01 21:25:41 -06:00
hwdsl2
edd05df89c Update IKEv2 script 
- Improve the optional VPN On Demand feature on macOS and iOS.
  Connect only on WiFi networks (instead of any network), with
  captive portal detection. This is the most common use case.
 2022-10-30 15:45:11 -05:00
hwdsl2
4f8a19d337 Update OS check 
- Add a check for Ubuntu 18.04 on architectures other than x86_64,
  which is not supported by the VPN scripts for Libreswan 4.9.
 2022-10-24 18:50:51 -05:00
hwdsl2
2bd37ccf66 Cleanup 
- Save a redirect and make VPN setup slightly faster by using
  raw.githubusercontent.com directly instead of
  https://github.com/hwdsl2/setup-ipsec-vpn/raw/...
 2022-10-23 14:05:57 -05:00
hwdsl2
4174ffa3ef Improve VPN setup 
- Improve download of VPN helper scripts during setup.
  Note: https://github.com/hwdsl2/setup-ipsec-vpn/raw/master/extras/...
  redirects to
  https://raw.githubusercontent.com/hwdsl2/setup-ipsec-vpn/master/extras/...
  Use the latter directly so that Wget can reuse the same connection
  for all 3 helper scripts.
- For Ubuntu 18.04, improve download of NSS packages and add fallback URLs.
 2022-10-22 23:55:06 -05:00
hwdsl2
780f815540 Improve VPN setup 
- For Ubuntu 18.04, download NSS packages from GitHub for improved
  reliability.
- Check and skip installing NSS packages if already installed.
 2022-10-21 23:37:47 -05:00
hwdsl2
d1da04b1d4 New Libreswan version 
- Support upgrading to Libreswan 4.9.
- Compilation of Libreswan 4.9 on Ubuntu 18.04 requires newer
  versions of NSS packages. They are installed in a similar way
  as apply_ubuntu1804_nss_fix in ikev2setup.sh.
  Ref: https://github.com/libreswan/libreswan/issues/892
 2022-10-21 00:11:15 -05:00