Last active
December 27, 2019 12:20
-
-
Save aebian/8feb8e6083a3ba6f81ef67818689da66 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # generated by /opt/vyatta/sbin/vpn-config.pl | |
| config setup | |
| conn %default | |
| keyexchange=ikev2 | |
| include /config/user-data/ki-vpn.ipsec |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # generated by /opt/vyatta/sbin/vpn-config.pl | |
| include /config/user-data/ki-vpn.secrets |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| conn KIVPN | |
| keyexchange=ikev2 | |
| type=tunnel | |
| ike=sha512-modp3072-aes256-modp2048s256 | |
| esp=sha512-modp3072-aes256-modp2048s256 | |
| dpdaction=clear | |
| dpddelay=300s | |
| rekey=no | |
| leftsubnet=0.0.0.0/0 | |
| leftcert=/config/certs/servername.crt | |
| leftfirewall=yes | |
| rightauth=eap-mschapv2 | |
| rightsourceip=10.0.0.120-10.0.0.253 | |
| rightdns=10.0.0.3 | |
| right=%any | |
| eap_identity=%any | |
| auto=start |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| : RSA /config/certs/servername.pem | |
| KI\alexp : EAP "Password" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Add-VpnConnection -Name "net.ki" -ServerAddress "vpndns.yoursite.com" -TunnelType "IKEv2" -AuthenticationMethod "EAP" -EncryptionLevel "Maximum" -PassThru -UseWinlogonCrede | |
| $connection = “net.ki” | |
| Set-VpnConnectionIPsecConfiguration -ConnectionName $connection -AuthenticationTransformConstants SHA256128 -CipherTransformConstants AES256 -DHGroup Group24 -EncryptionMethod AES256 -IntegrityCheckMethod SHA256 -PFSgroup PFS2048 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment