270
edits
Cloud: Difference between revisions
→Connection Instructions
| Line 105: | Line 105: | ||
You should now have a VPN named Hacksburg. Click the network icon in taskbar tray, click Hacksburg, and connect with the provided username and password. | You should now have a VPN named Hacksburg. Click the network icon in taskbar tray, click Hacksburg, and connect with the provided username and password. | ||
==== Linux (and friends) ==== | |||
===== Setup ===== | |||
Install <code>strongswan</code>. If you use NetworkManager (Ubuntu), you can use these instructions [https://wiki.archlinux.org/index.php/Openswan_L2TP/IPsec_VPN_client_setup#NetworkManager] and fill in the following values: | |||
VPN Server IP: 216.252.204.76 | |||
VPN Username: Email board@hacksburg.org to request | |||
VPN Password: Email board@hacksburg.org to request | |||
If you do not use NetworkManager, add the following rows to your <code>ipsec.conf</code> file. On Arch Linux, this file is located at <code>/etc/ipsec.conf</code>: | |||
conn Hacksburg | |||
keyexchange=ikev2 | |||
dpdaction=clear | |||
dpddelay=30s | |||
eap_identity="max@hacksburg.org" | |||
leftauth=esp-mschapv2 | |||
left=%defaultroute | |||
leftsourceip=%config | |||
right=cloud.hacksburg.org | |||
rightauth=pubkey | |||
rightsubnet=0.0.0.0/0 | |||
rightid=%any | |||
rightca=<CACERT> | |||
type=tunnel | |||
auto=add | |||
Where <code><CACERT></code> is replaced by the path to this file: http://hacksburg.org/Hacksburg+CA.crt . Then, create the file <code>/etc/ipsec.secrets</code> and include the following line: | |||
<USERNAME> : EAP "<PASSWORD>" | |||
Where the username and password are issued to you by emailing board@hacksburg.org. Then, run | |||
# ipsec auto --add Hacksburg | |||
Then, make sure <code>/etc/xl2tpd/xl2tpd.conf</code> has the following contents: | |||
lac Hacksburg] | |||
lns = 216.252.204.76 | |||
ppp debug = yes | |||
pppoptfile = /etc/ppp/options.l2tpd.client | |||
length bit = yes | |||
And <code>/etc/ppp/options.l2tpd.client</code> has the following contents: | |||
ipcp-accept-local | |||
ipcp-accept-remote | |||
refuse-eap | |||
require-mschap-v2 | |||
noccp | |||
noauth | |||
idle 1800 | |||
mtu 1410 | |||
mru 1410 | |||
defaultroute | |||
usepeerdns | |||
debug | |||
connect-delay 5000 | |||
name <USERNAME> | |||
password <PASSWORD> | |||
Again using the username and password you received from the board. | |||
===== Start VPN ===== | |||
You can start the VPN by running: | |||
# systemctl start strongswan | |||
# swanctl -i -c Hacksburg | |||