editor
706
edits
This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!
mNo edit summary |
(Fix syntax) |
||
(6 intermediate revisions by one other user not shown) | |||
'''FireBrick acting as the ipsec 'server', and configuring a strongSwan client on Fedora using Network Manager.'''
*Also see: [[FireBrick_Road_Warrior_strongSwan]] (setting up via non-network manager
*Also see: [[FireBrick to Openswan Strongswan IPsec (Howto)]]
*Also see the official StrongSwan network manager page: https://wiki.strongswan.org/projects/strongswan/wiki/NetworkManager
===Install Packages===
Fedora:
dnf install NetworkManager-strongswan NetworkManager-strongswan-gnome -y
Ubuntu:
apt install network-manager-strongswan
===(optional) Certificate Installation on the client===
If you're using self-signed certs, generated by the FireBrick then do the following, otherwise (eg if you are using the easily installed Let's Encrypt cert on the FireBrick then you can skip this stage)
#Go to your VPN end point FireBrick and log in.
##sudo cp /home/user/brick-ca-cert.crt /etc/ssl/certs/
Note: When doing this with a LetsEncrypt Cert it is the
===Set Up VPN===
#Open up “Settings” and then select “Network”
#Click the + button to create a new VPN
#Select “Ipsec/IKEv2 (strongswan)” (pic below)
#Enter the name of VPN connection
#Enter the address of the Firebrick the VPN is going to connect to.
#Select required “Options”.
#Click Add in the top right
<gallery>
strongswan-networkmanager-settings.png|Network settings
strongswan-networkmanager-new.png|Create a New VPN
strongswan-networkmanager-config.png|ipsec config
strongswan-networkmanager-config2.png|Split tunnel option
</gallery>
You should now be ready to connect, either click the VPN on in settings or from the network icon in the top right of your screen.
If you require split tunnelling then please select the IPv4 and IPv6 tabs and tick the box for “Use this connection only for resources on its network” (pic above)
[[Category:FireBrick IPsec Road Warrior|Network Manager]]
|