Home

Awesome

Setup a Strongswan IPSec (& L2TP) Server

NOTE: This is probably securer than using https://github.com/philplckthun/setup-simple-ipsec-l2tp-vpn Furthermore it supports both L2TP and regular IPSec connections

Installation

This script doesn't need a domain or specific public IP to work.

curl -L -O https://raw.github.com/philplckthun/setup-strong-strongswan/master/setup.sh
chmod +x setup.sh
sudo ./setup.sh

The script will lead you through the installation process. If you haven't run this script before it will ask you to enter credentials for the VPN, namely:

For upgrading Strongswan you can just run the script again. Remember to back up your custom IPSec configuration files beforehand.

Usage

This installs the vpn-assist init.d script. Systemd is backwards compatible to these scripts and thus you can use it to start|stop|restart the VPN server, which should also start itself automatically on startup.

You can manage accounts for your VPN via /etc/ipsec.secrets and etc/ppp/chap-secrets. @zackdevine's account managing script automates this process

Uninstallation

Download the Strongswan source and run:

make uninstall

Then uninstall xl2tpd and remove /etc/init.d/vpn-assist. That should suffice for a rather clean uninstallation.