2018-12-24 11:49:40 +00:00
|
|
|
================================
|
|
|
|
IPsec: Setup Linux Remote Access
|
|
|
|
================================
|
|
|
|
|
|
|
|
.. contents:: Index
|
|
|
|
|
|
|
|
Here you can see the configuration options for all compatible VPN types.
|
|
|
|
We assume that you are familiar with adding a new VPN connection.
|
|
|
|
|
|
|
|
The tests were done with Ubuntu 18.04 and network-manager-stronswan installed, Ubuntu only supports
|
|
|
|
OpenVPN and PPTP with the default install.
|
|
|
|
|
|
|
|
It can be installed using the following command on the command line:
|
|
|
|
|
|
|
|
.. code-block:: sh
|
|
|
|
|
2020-02-10 09:20:27 +00:00
|
|
|
apt install network-manager-strongswan
|
2018-12-24 11:49:40 +00:00
|
|
|
|
2019-08-23 07:15:47 +00:00
|
|
|
------------------------------
|
|
|
|
Step 1 - Download Certificate
|
|
|
|
------------------------------
|
2018-12-24 11:49:40 +00:00
|
|
|
|
|
|
|
Download the Root CA from the OPNsense Firewall since it is needed for all EAP types with IKEv2.
|
|
|
|
|
|
|
|
---------------------------
|
|
|
|
Step 2 - Add VPN Connection
|
|
|
|
---------------------------
|
|
|
|
|
|
|
|
Open the network manager and add a new VPN connction. Choose **IPSec/IKEv2**, enter a **Name** and set
|
|
|
|
the **Address** to the FQDN matching the one of the certificate at your Firewall.
|
|
|
|
|
|
|
|
----------------------------------
|
|
|
|
IKEv2 + EAP-MSCHAPv2 or EAP-RADIUS
|
|
|
|
----------------------------------
|
|
|
|
|
|
|
|
.. image:: images/ipsec-rw-linux-eapmschap.PNG
|
|
|
|
:width: 60%
|