Xauth-pam-strongswan: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 1: | Zeile 1: | ||
=Install Modul= | =Install Modul= | ||
*apt-get install strongswan-plugin-xauth-pam | *apt-get install strongswan-plugin-xauth-pam | ||
| − | + | =Config= | |
| + | ==ipsec.conf== | ||
| + | *cat /etc/ipsec.conf | ||
| + | <pre> | ||
| + | conn android_vpn | ||
| + | left=10.134.2.5 | ||
| + | leftid=@nagus.xxx.de | ||
| + | leftauth=pubkey | ||
| + | leftcert=//etc/letsencrypt/live/nagus.xxx.de/fullchain.pem | ||
| + | leftsendcert=always | ||
| + | leftsubnet=0.0.0.0/0 | ||
| + | right=%any | ||
| + | rightauth=xauth-pam | ||
| + | rightsourceip=10.79.128.0/24 | ||
| + | esp=aes-sha1! | ||
| + | auto=add | ||
| + | </pre> | ||
| + | ==ipsec.secrets== | ||
| + | *cat /etc/ipsec.secrets | ||
| + | @nagus.xxx.de : RSA /etc/letsencrypt/live/nagus.xxx.de/privkey.pem | ||
| + | ==xauth-pam== | ||
| + | */etc/strongswan.d/charon/xauth-pam.conf | ||
| + | <pre> | ||
| + | xauth-pam { | ||
| + | load = yes | ||
| + | pam_service = ipsec | ||
| + | } | ||
| + | </pre> | ||
| + | |||
| + | |||
=Links= | =Links= | ||
*https://blog.loetzimmer.de/2017/09/ipsec-vpn-mit-strongswan-auf-debian.html | *https://blog.loetzimmer.de/2017/09/ipsec-vpn-mit-strongswan-auf-debian.html | ||
Version vom 28. November 2018, 09:15 Uhr
Install Modul
- apt-get install strongswan-plugin-xauth-pam
Config
ipsec.conf
- cat /etc/ipsec.conf
conn android_vpn left=10.134.2.5 leftid=@nagus.xxx.de leftauth=pubkey leftcert=//etc/letsencrypt/live/nagus.xxx.de/fullchain.pem leftsendcert=always leftsubnet=0.0.0.0/0 right=%any rightauth=xauth-pam rightsourceip=10.79.128.0/24 esp=aes-sha1! auto=add
ipsec.secrets
- cat /etc/ipsec.secrets
@nagus.xxx.de : RSA /etc/letsencrypt/live/nagus.xxx.de/privkey.pem
xauth-pam
- /etc/strongswan.d/charon/xauth-pam.conf
xauth-pam {
load = yes
pam_service = ipsec
}