kitten/setup-simple-ipsec-l2tp-vpn kitten/setup-simple-ipsec-l2tp-vpn

  • This repository has been archived on 16/Sep/2018
  • Stars
    star
    644
  • Rank 69,288 (Top 2 %)
  • Language
    Shell
  • Created about 10 years ago
  • Updated over 6 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
kitten/setup-simple-ipsec-l2tp-vpn
github

kitten

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Setup a simple IPSec/L2TP VPN Server for Ubuntu and Debian

Setup a simple IPSec/L2TP VPN server for Ubuntu, Arch Linux and Debian

Tested on:

  • Digital Ocean: Ubuntu 14.04 x64 (Trusty)
  • Online.net: Arch Linux
  • Amazon Web Services EC2: Arch Linux
  • Amazon Web Services EC2: Ubuntu 14.04 x64 HVM (Trusty)

Deprecated!

This script has been deprecated in favor for my other script "setup-strong-strongswan"

This script is very fragmented. The other scripts for Arch Linux, CentOS and Fedora are not up to date. They are insecure and don't feature a init.d startup and helper script. Furthermore it uses libreswan, which is not as well maintained and documented as strongswan.

For these and other reasons I updated the strongswan script. It supports both IPSec over L2TP and "pure" IPSec with the same installation. It is also based on my work on a strongswan docker container, which will be much more regularly maintained as well.

philpl/setup-strong-strongswan

Installation

For Ubuntu and Debian

wget https://raw.github.com/philpl/setup-simple-ipsec-l2tp-vpn/master/setup.sh
sudo sh setup.sh

NOTE: Debian 7 (Wheezy) does not have the newer libnss3 version (>=3.15) that Libreswan requires. The following workaround is required BEFORE running vpnsetup.sh. Thanks to @hwdsl2

wget https://gist.githubusercontent.com/hwdsl2/5a769b2c4436cdf02a90/raw/e08a04d76240af8acbfe5d6f4e0057c1bf5c660e/vpnsetup-debian-7-workaround.sh
sudo sh vpnsetup-debian-7-workaround.sh

This will install a new service called ipsec-assist. With it you can safely start, stop and restart the VPN server:

sudo service ipsec-assist stop
sudo service ipsec-assist start
sudo service ipsec-assist restart

For Arch Linux

wget https://raw.github.com/philpl/setup-simple-ipsec-l2tp-vpn/master/setup_archlinux.sh
sudo sh setup_archlinux.sh

For Fedora

wget https://raw.github.com/philpl/setup-simple-ipsec-l2tp-vpn/master/setup_fedora.sh
sudo sh setup_fedora.sh

The script will lead you through the installation process.

During installation you have to enter an IPSec PSK Key, a custom username if you wish, and a password.

Ports 1701, 500 and 4500 must be opened for the VPN to work!

Enjoy your very own (secure) VPN!

Some Notes

Clients are configured to use Google's Public DNS servers, when the VPN connection is active: https://developers.google.com/speed/public-dns/

Only one VPN account is generated! To add more accounts, see the file /etc/ppp/chap-secrets

In the future I might add the ability to generate more accounts.

Before connecting with a Windows client please see: http://support.microsoft.com/kb/926179

If you plan to keep the VPN server generated with this script on the internet for a long time (a day or more), consider securing it to possible attacks!

If you run this script on EC2, the IP used in the config files will be different to the instance's public-facing IP. This is because Amazon performs one-to-one NAT on EC2 instances.

License

Copyright notices and license notes are at the head of the script.

More Repositories

1

setup-strong-strongswan

[UNMAINTAINED] Setup a (really) strong StrongSwan VPN Server for Ubuntu and Debian
Shell
633
star
2

fluorine

[UNMAINTAINED] Reactive state and side effect management for React using a single stream of actions
JavaScript
286
star
3

sweetsour

A CSS-in-JS parser and pipeline adhering to the ISTF spec 🍭
OCaml
224
star
4

docker-strongswan

Docker image for easily setting up a secure StrongSwan VPN
Shell
178
star
5

prosemd-lsp

An experimental proofreading and linting language server for markdown files ✍️
Rust
142
star
6

rxjs-diagrams

React Components for visualising RxJS observables and operators
JavaScript
128
star
7

spectacle-sync

πŸ’ Present Spectacle presentations synchronised on multiple devices
JavaScript
59
star
8

extendable-immutable

Wrapper classes around Immutable.js that turn it inheritable
JavaScript
58
star
9

bunpkg

A proof of concept clone of Unpkg running on Cloudflare Workers
TypeScript
49
star
10

stream-tag

A tagged template literal utility for Node streams
TypeScript
47
star
11

react-compat-component

Marrying ES6 with mixins and more: Compatibility layer for React's ES6 Component class
JavaScript
39
star
12

Adventurous-Syntax

A dark Atom theme using common colors often seen in the cult series Adventure Time.
CSS
28
star
13

react-wonka

Several hooks for using Wonka streams with React
TypeScript
26
star
14

moomin

An experimental JSX/component framework around Reprocessing for Reason
OCaml
17
star
15

graphql-box

[WIP] Instant GraphQL OpenCRUD database that is universally runnable & deployable
TypeScript
17
star
16

pessimism

A fast HAMT Map intended for KV caching and optimistic updates
OCaml
15
star
17

bs-rebel

A toolkit for collections for bsb-native and bsb aimed at bundle size and performance
OCaml
14
star
18

kitten.sh

My collection of posts as found at kitten.sh
JavaScript
12
star
19

redux-fluorine

A Redux enhancer to manage groups of actions as observables ("agendas")
JavaScript
12
star
20

hachiko

WIP: Modular and performant data collections for JavaScript
TypeScript
10
star
21

bs-flow-parser

Flow's JavaScript parser, packaged and adapted for BuckleScript
OCaml
10
star
22

runruntypes

A poor man's runtime-only type checker
JavaScript
9
star
23

system

Nix
9
star
24

vim-adventurous

A dark vim color theme using common colours often seen in the cult series Adventure Time
Vim Script
9
star
25

react-static-plugin-md-pages

react-static plugin to create nested pages from a given source directory
JavaScript
7
star
26

goethe

Node module for immutable color conversion and manipulation
JavaScript
6
star
27

dotfiles

Vim Script
6
star
28

2g

WIP: A cross-platform creative coding framework for Reason
C
6
star
29

didsmoosh

componentDidSmoosh is a comedy night for JS nerds bringing together experts of developer humour on stage
JavaScript
6
star
30

fix-ubuntu-unicorn-for-macbooks

A wizard which can fix multiple issues, bugs and quirks occuring on Macbook Pros running Ubuntu 14.10.
Shell
5
star
31

nightingale

Reason
4
star
32

reason-hmm

HandmadeMath Bindings for OCaml
C++
4
star
33

reason-glsl-optimizer

GLSL Optimizer Bindings for OCaml
C++
4
star
34

threed-example-api

A GraphQL Example API for threaded conversations
JavaScript
4
star
35

advent-of-code-2019

Learning some Rust with "Advent of Code 2019" β€” because why not?
Rust
4
star
36

bowtie

JavaScript
4
star
37

thought-leader

JavaScript
3
star
38

concurrent-mode-deck

JavaScript
3
star
39

gatsby-theme-docs-system

JavaScript
3
star
40

twitter-was-down-

2
star
41

gatsby-theme-mdx-deck

Modified version of mdx-deck's Gatsby Theme with fixed size slides
JavaScript
2
star
42

vierdreidrei

433Mhz Receiver and Transmitter Module through a RCSwitch wrapper (WIP)
C++
1
star
43

pebble-barely-v2

A simple watchface only using horizontal and vertical straight lines for the Pebble smartwatch. Four squares for the time, four for the date, and four for the year, filling the whole screen. Also invertable!
C
1
star
44

kitten

1
star