Ryan Kasper
0cb43650cb
Windows 10 -PfsGroup None --> -PfsGroup ECP256 ( #493 )
...
* Windows 10 -PfsGroup None --> -PfsGroup ECP256
Fixes broken tunnel when rekey (CREATE_CHILD_SA request [ N(REKEY_SA) SA No TSi TSr KE ]) occurs (on my Windows 10 1703 build 15063.138 Creator's Update system this is ~every 57 minutes)
* Update Windows Client PfsGroup Commandline
2017-04-27 12:46:50 -04:00
forkbomber
f002f32836
Fix typo related to "Error 809" and filtered IKE_AUTH requests ( #496 )
2017-04-27 12:46:28 -04:00
Jack Ivanov
540c761d3b
Disable RSA in the mobileconfigs. Fixes #486
2017-04-25 23:06:51 +02:00
Nicholas
aea22475c3
Fixed broken links to ansible deployment instructions ( #484 )
...
* Fixed broken link in EC2 IAM instructions
* Fixed broken in step 6 of instructions
2017-04-24 16:53:58 +02:00
Dan Guido
31d6bd39a1
The docs got out of sync with the scripts ( #480 )
...
* The docs got out of sync with the scripts
* restructure
* fix links
2017-04-23 16:36:30 -04:00
Jack Ivanov
451394100d
Some enhances in the compat ciphers ( #464 )
...
raise the IntegrityCheckMethod to SHA384
Move Windows to ECDSA
Increase IntegrityCheckMethod
2017-04-23 16:00:37 -04:00
Dan Guido
0d1c760a63
Doc improvements ( #479 )
...
* cleanup
* typos
* Closes #289
Add instructions for connecting to the VPN and configuring on demand.
2017-04-23 14:54:54 -04:00
Dan Guido
aac052da46
this option is deprecated ( #477 )
2017-04-23 09:04:30 -04:00
Dan Guido
8c430bd555
typo ( #474 )
2017-04-22 22:38:29 -04:00
Jack Ivanov
2782df8cfd
Move back to 16.04. Forgot to change after testing
2017-04-22 23:09:37 +02:00
Jack Ivanov
c3fcfe5d0d
Let users choose the distro version #449 ( #466 )
...
Make dpdaction great again
add 1704 to travis
Make EC2 image name more convenient
modify apparmor profile
2017-04-22 17:06:10 -04:00
Dan Guido
cbb8237a4c
fix link ( #472 )
2017-04-22 16:52:02 -04:00
Dan Guido
3aa4b6e8df
Add linters to our CI ( #471 )
2017-04-22 14:57:39 -04:00
Jay Little
f75c857656
Fix broken links. ( #469 )
2017-04-22 14:00:16 -04:00
Dan Guido
39822a1b4e
Add back table of contents ( #463 )
...
* toc
* shift left
* derp
2017-04-21 12:20:33 -04:00
Dan Guido
b94b455aba
typo
2017-04-20 18:28:16 -04:00
Dan Guido
22e145c241
Update documentation to include minimum required IAM policy ( #461 )
...
* Updating documentation to include minimum required IAM polcy. Closes
* Slightly more concise
2017-04-20 18:15:31 -04:00
Andy Boutte
76cdc69548
CF tested and working for EC2 deployment ( #431 )
...
* AWS CloudFormation #132
* IPv6 EC2 draft
* CF tested and working for EC2 deployment
* IPv6 Implementation, EC2, Cloudformation
* Fixed ipv6 networking
* adding ip6tables rule for DHCP on AWS
2017-04-20 18:04:57 -04:00
Dan Guido
0e4aace6b6
Update deploy-to-ubuntu.md
2017-04-20 18:00:55 -04:00
Jack Ivanov
a7b06058cb
remove the proxy role #440 ( #457 )
...
* remove the proxy role #440
* Separate facts. Make roles more independent from each other
move openssl to local tasks
move unneeded tasks
2017-04-20 18:00:17 -04:00
Dan Guido
019d729fe6
Better documentation ( #459 )
...
* Closes #443
* Remove numbers
* context
* split up local and scripted
* Closes #458
* .
* better layout
* Closes #451
* do this later
* grammar
* typo
2017-04-20 17:56:03 -04:00
Dan Guido
0b05ea19bc
Windows needs SHA2-256. Closes #453 . ( #456 )
2017-04-20 07:26:46 -04:00
Dan Guido
8173b84ff8
Change uniqueids back to never ( #448 )
...
We need this to allow multiple connections with the same id/certificate
2017-04-19 09:53:30 +02:00
Dan Guido
77700f6c8e
clarification about ciphers
2017-04-18 11:22:38 -04:00
Dan Guido
b29772f146
prefer ed25519
2017-04-18 02:20:44 -04:00
Dan Guido
f9f7be7b0d
Fix a typo from #439
2017-04-18 01:15:07 -04:00
Dan Guido
1778cb1f45
disable dpd #430 ( #437 )
...
Closes #430
2017-04-18 01:12:21 -04:00
Dan Guido
8e5e6d5088
remove extraneous integrity algos from AEAD ciphers ( #439 )
...
In reference to
https://github.com/trailofbits/algo/issues/9#issuecomment-294370560
2017-04-18 01:11:56 -04:00
MiWCryptAnalytics
14e8f309fe
Update troubleshooting with note about ip frag ( #427 )
...
* Update troubleshooting with note about ip frag
note about ip fragmentation on consumer routers
* clarify
Closes #305
2017-04-17 23:41:04 -04:00
Jauder Ho
5b2e13d18f
Only enable ChaCha cipher ( #412 )
...
* Only enable ChaCha cipher
* Add back a few ciphers for compatability
2017-04-17 23:17:40 -04:00
Jack Ivanov
fa5a956193
Add URLStringProbe ( #428 )
...
* Add URLStringProbe
* switch to Apple's hotspot-detect.html
2017-04-17 23:16:05 -04:00
Andy Boutte
aa0aadd66e
Removing update to ~/.ssh/config #400 ( #435 )
2017-04-17 22:01:42 -04:00
George Kargiotakis
f13cc71851
Simplify localhost installations ( #432 )
...
Make it easier to install non_cloud version on localhost and
add a check whether an IP was given for IP_subject
2017-04-17 21:34:31 +02:00
Jack Ivanov
ea5976f49b
write logs to file if BSD only
2017-04-17 18:12:38 +02:00
Jack Ivanov
9c12272c8c
Python False-y values should be accepted. #417 ( #426 )
2017-04-16 16:40:24 -04:00
Dan Guido
4cd3c2e4ef
Update README.md
2017-04-16 14:07:14 -04:00
Dan Guido
32d906f04d
Update README.md
2017-04-16 13:58:06 -04:00
Dan Guido
98efa75b6c
more endorsements!
2017-04-16 12:15:16 -04:00
Dan Guido
9a8f3d9dd0
Update README.md
2017-04-16 11:10:11 -04:00
Jack Ivanov
bdd0b85431
Upgrade pip inside virtualenv. Fixes #409
2017-04-16 16:40:10 +02:00
Jack Ivanov
16329fe088
Instance size ( #404 )
...
* Escaping Special Characters #388
* Make instance sizes more flexible to edit #355
2017-04-16 10:19:47 -04:00
Jack Ivanov
bf75a1bb03
move generating of the known_hosts file to local_action ( #425 )
2017-04-16 10:18:54 -04:00
Dan Guido
87316ea3ea
Add note about Network Manager
2017-04-16 10:13:47 -04:00
Dan Guido
38f85a6e78
Add Linux Desktop to compatible prompt
2017-04-16 10:12:07 -04:00
Dan Guido
3ef96f7848
Update README.md
2017-04-16 10:02:34 -04:00
Dan Guido
089bf64c91
Update README.md
2017-04-16 10:00:57 -04:00
Logan Collins
de948186eb
Improve Ubuntu Instructions ( #419 )
...
* Added note regarding DH group
* more complete
* clarified file sources
* remove trailing slash for consistency
* Added information on LAN Passthrough - a common home usecase
2017-04-16 09:56:17 -04:00
donlockhart
42a663983e
Added East US and East US 2 regions to Azure. ( #424 )
2017-04-16 14:39:55 +02:00
MiWCryptAnalytics
04b61ca3d2
Increase CA key entropy to 128bit ( #415 )
...
Changes the default CA key size from 48 bit to 128bit with OpenSSL usermode CSPRNG with hex encoding
2017-04-15 16:23:15 -04:00
Jack Ivanov
02f363d825
change the order of ciphers
2017-04-15 16:36:39 +02:00