Configuration files are based on https://github.com/hwdsl2/setup-ipsec-vpn.git
UPDATE: Currently we need only one configuration files, you don't need to manually choose server
Windows:
Config import script: ikev2_config_import (Copyright (C) 2022 Lin Song)
- p12 / Server: lt.fuckrkn1.xyz
iOS:
Android:
- Download the
vpnclient.p12file to your device. - Download
config import scriptand put it in the same folder as p12 file. - Right-click on the saved script, select
Properties. Click onUnblockat the bottom, then click onOK. - Right-click on the saved script, select
Run as administrator. - Choose the VPN client name (or just press Enter, it will choose the file's name)
- Enter IP of the server, you can find it in the here
- Choose the VPN connection name (or just press Enter, script will choose default name)
- Press any key to finish script.
To connect to the VPN: Right-click on the
wireless/networkicon in your system tray, open settings, go to theVPN, select the new entry, and clickConnect.
- Download the
vpnclient.mobileconfigfile to your device. - Double-click it, you'll get a OS notification.
- Open
→ System Preferences → Profilesand install the profile. - Open
→ System Preferences → Networkand connect.
- Download the
vpnclient.mobileconfigfile to your device. - Move the file to the "On my iPhone" folder.
- Open
Settingsand install the profile. - Go to
Settings>VPNand connect.
- Download strongSwan VPN Client from Google Play.
- Download
vpnclient.sswanfile to your device. - Press the button in the top right corner >
Import VPN profile>Choose the file. - Choose the
VPN certificate. - Connect to the
VPN.
Via Network Manager
To configure your Linux computer to connect to IKEv2 as a VPN client, first install the strongSwan plugin for NetworkManager:
# Ubuntu and Debian
sudo apt-get update
sudo apt-get install network-manager-strongswan
# Arch Linux
sudo pacman -Syu # upgrade all packages
sudo pacman -S networkmanager-strongswan
# Fedora
sudo yum install NetworkManager-strongswan-gnome
# CentOS
sudo yum install epel-release
sudo yum --enablerepo=epel install NetworkManager-strongswan-gnomeNext, securely transfer the generated .p12 file from the VPN server to your Linux computer. After that, extract the CA certificate, client certificate and private key. Replace vpnclient.p12 in the example below with the name of your .p12 file.
# Example: Extract CA certificate, client certificate and private key.
# You may delete the .p12 file when finished.
# Note: You may need to enter the import password, which can be found
# in the output of the IKEv2 helper script. If the output does not
# contain an import password, press Enter to continue.
openssl pkcs12 -in vpnclient.p12 -cacerts -nokeys -out ikev2vpnca.cer
openssl pkcs12 -in vpnclient.p12 -clcerts -nokeys -out vpnclient.cer
openssl pkcs12 -in vpnclient.p12 -nocerts -nodes -out vpnclient.key
rm vpnclient.p12
# (Important) Protect certificate and private key files
# Note: This step is optional, but strongly recommended.
sudo chown root.root ikev2vpnca.cer vpnclient.cer vpnclient.key
sudo chmod 600 ikev2vpnca.cer vpnclient.cer vpnclient.keyYou can then set up and enable the VPN connection:
- Go to Settings -> Network -> VPN. Click the + button.
- Select IPsec/IKEv2 (strongswan).
- Enter anything you like in the Name field.
- In the Gateway (Server) section, enter
Your VPN Server IP(or DNS name) for the Address. - Select the
ikev2vpnca.cerfile for the Certificate. - In the Client section, select Certificate(/private key) in the Authentication drop-down menu.
- Select Certificate/private key in the Certificate drop-down menu (if exists).
- Select the
vpnclient.cerfile for the Certificate (file). - Select the
vpnclient.keyfile for the Private key. - In the Options section, check the Request an inner IP address checkbox.
- In the Cipher proposals (Algorithms) section, check the Enable custom proposals checkbox.
- Leave the IKE field blank.
- Enter
aes128gcm16in the ESP field. - Click Add to save the VPN connection information.
- Turn the VPN switch ON.