One-Click IPsec VPN Server Installation Script
Use a Linux script to quickly set up your own IPsec VPN server with one click. Supports
IPsec/L2TP and Cisco IPsec protocols, and can be used on Ubuntu/Debian/CentOS
systems. You only need to provide your own VPN
login credentials, then run the script to complete the installation automatically.
IPsec VPN
can encrypt your network traffic to prevent unauthorized access to your data by anyone between you and the VPN
server while it is transmitted over the Internet. This is especially useful when using insecure networks,
such as in coffee shops, airports, or hotel rooms.
Quick Start
First, do a fresh installation of Ubuntu LTS, Debian, or CentOS
on your Linux server*.
Use the following command to quickly set up an IPsec VPN server:
wget https://git.io/vpnsetup -O vpnsetup.sh && sudo sh vpnsetup.sh
If you are using
CentOS, replace the URL above with https://git.io/vpnsetup-centos.
Your VPN
login credentials will be randomly generated automatically and displayed on the screen after the installation is complete.
To learn about other installation options and how to configure the VPN
client, please continue reading the sections below.
*
A dedicated server or virtual private server (VPS). OpenVZ VPS
is not supported.
Features
-
New: Added support for the more efficient
IPsec/XAuth ("Cisco IPsec")mode - New: You can now download a prebuilt Docker image for the VPN server
- Fully automated IPsec VPN server setup with no user input required
- Encapsulates all VPN traffic over UDP, with no need for ESP protocol support
- Can be used directly as user data when creating an Amazon EC2 instance
-
Includes
sysctl.confoptimization settings for better transmission performance - Tested on: Ubuntu 16.04/14.04, Debian 9/8, and CentOS 7/6
Configure an IPsec/XAuth VPN Client
Other language versions: English, Simplified Chinese.
Note: You can also connect using IPsec/L2TP mode, or configure IKEv2.
After successfully setting up your own VPN server, you can configure your device by following the steps below. IPsec/XAuth
(“Cisco IPsec”) is supported on Android, iOS, and OS X
without the need to install additional software. Windows
users can use the free Shrew Soft client. If you are unable to connect, first check whether you entered the correct VPN login credentials.
IPsec/XAuth mode is also known as “Cisco
IPsec”. This mode can usually transmit data more efficiently than IPsec/L2TP.
- Platform name
Windows
Note: You can also connect using IPsec/L2TP mode, without installing additional software.
-
Download and install the free Shrew Soft VPN client.
Note: This VPN client supports Windows
2K/XP/Vista/7/8. -
Click the Start menu -> All Programs -> ShrewSoft VPN Client
-> VPN Access Manager - Click the Add (+) button on the toolbar.
-
Enter
your VPN server IPin the Host Name or IP Address field. -
Click the Authentication tab, and from the Authentication
Method drop-down menu select Mutual PSK + XAuth. -
Click the Credentials sub-tab, and in the Pre Shared
Key field enteryour VPN IPsec PSK. - Click the Phase 1 tab and select main from the Exchange Type drop-down menu.
- Click the Phase 2 tab and select sha1 from the HMAC Algorithm drop-down menu.
- Click Save to save the VPN connection details.
-
Select the newly added VPN
connection. Click the Connect button in the toolbar. -
Enter
your VPN usernamein the Username field. -
Enter
your VPN passwordin the Password field. - Click Connect.
After the VPN connection is established, you will see tunnel enabled in the VPN Connect status window. Click the “Network”
tab and confirm that Established – 1 appears under “Security Associations”.
Finally, you can go here to check your IP address, which should display as your VPN server IP.
If you encounter errors during the connection process, see Troubleshooting.
OS X
- Open System Preferences and go to the Network section.
- Click the + button in the lower-left corner of the window.
- Select VPN from the Interface drop-down menu.
- Select Cisco IPSec from the VPN Type drop-down menu.
- Enter anything in the Service Name field.
- Click Create.
-
Enter
your VPN server IPin the Server Address field. -
Enter
your VPN usernamein the Account Name field. -
Enter
your VPN passwordin the Password field. - Click the Authentication Settings button.
-
In the Machine Authentication section, select the Shared Secret radio button, then enter
your VPN IPsec PSK. - Leave the Group Name field blank.
- Click OK.
- Select the Show VPN status in menu bar checkbox.
- Click Apply to save the VPN connection information.
To connect to the VPN:
use the icon in the menu bar, or open the Network section in System Preferences, select VPN
and click Connect. Finally, you can go here to check your IP
address, which should display as your VPN server IP.
Android
- Launch the Settings app.
- In the Wireless & networks section, click More….
- Click VPN.
- Click Add VPN profile or the + in the upper-right corner of the window.
- Enter anything in the Name field.
- In the Type drop-down menu, select IPSec Xauth PSK.
-
In the Server address field, enter
your VPN server IP. - Leave the IPSec identifier field blank.
-
In the IPSec pre-shared key field, enter
your VPN IPsec PSK. - Click Save.
- Click the new VPN connection.
-
In the Username field, enter
your VPN username. -
In the Password field, enter
your VPN password. - Select the Save account information checkbox.
- Click Connect.
After the VPN connection is successful, an icon will appear in the notification bar. Finally, you can go here to check your IP
address, which should display as your VPN server IP.
If you encounter an error during the connection process, please see Troubleshooting.
iOS
- Go to Settings -> General -> VPN.
- Click Add VPN Configuration….
- Tap Type. Select IPSec and go back.
- Enter anything in the Description field.
-
Enter
your VPN server IPin the Server field. -
Enter
your VPN usernamein the Account field. -
Enter
your VPN passwordin the Password field. - Leave the Group Name field blank.
-
Enter
your VPN IPsec PSKin the Secret field. - Tap Save in the upper-right corner.
- Enable the VPN connection.
Once the VPN connection is successful, an icon will appear in the notification bar. Finally, you can go to here to check your IP
address, which should display as your VPN server IP.