- Ubuntu 16.04
curlorwgetshould be installed
via curl
sh -c "$(curl -fsSL https://raw.githubusercontent.com/Proscend/ipsec-strongswan-setup/master/install.sh)"
via wget
sh -c "$(wget https://raw.githubusercontent.com/Proscend/ipsec-strongswan-setup/master/install.sh -O -)"
Hub-and-spoke toplogy
This guide will setup the IPsec and act as Hub role.
+-------+
| Hub |
+---+---+
|
+------+-----+
+-----------+ Internet +-----------+
| +------+-----+ |
| | |
| | |
+----+----+ +----+----+ +----+----+
| Spoke 1 | | Spoke 2 | | Spoke 3 |
+---------+ +---------+ +---------+
192.168.1.0/24 192.168.2.0/24 192.168.3.0/24
| Attribute | Hub's conn 1 | Hub's conn 2 | Hub's conn 3 |
|---|---|---|---|
| leftsubnet | 0.0.0.0/0 | 0.0.0.0/0 | 0.0.0.0/0 |
| rightsubnet | 192.168.1.0/24 | 192.168.2.0/24 | 192.168.3.0/24 |
The default pre-shared key is proscend.
You can provide the vpn.env file to change the pre-shared key (VPN_PSK).
vpn.env example:
VPN_PSK="password"
And re-run the ./start.sh to re-configure IPsec.