Linux Vpn
From Federal Burro of Information
Jump to navigationJump to search
Far end is Cisco
you need :
- IPSEC gateway: the hostname or IP of the VPN server
- IPSEC ID: the groupname
- IPSEC secret: the shared password for the group
- your username
- your password
Scripted setup
https://github.com/hwdsl2/setup-ipsec-vpn
req ports:
UDP 1500 UDP 500 UDP 4500
resource "aws_instance" "vpn-server" { ami = "ami-01b60a3259250381b" # ubuntu 18 ca-central-1 instance_type = "t2.medium" availability_zone = "${data.aws_subnet.subnet1.availability_zone}" key_name = "${var.keypair_name}" vpc_security_group_ids = ["${aws_security_group.vpn_server_sg.id}"] subnet_id = "${data.aws_subnet.subnet1.id}" user_data = "${data.template_file.vpn-server-init.rendered}" lifecycle { # ignore_changes = ["user_data"] } tags { name = "vpn-${var.env}" env = "${var.env}" managedby = "terraform" } } data "template_file" "vpn-server-init" { template = "${file("templates/vpn-server-init.tpl")}" vars { hostname = "vpn.${var.domain}" } } resource "aws_route53_record" "vpn" { zone_id = "${data.aws_route53_zone.zone.zone_id}" name = "vpn.${data.aws_route53_zone.zone.name}" type = "A" ttl = "300" records = ["${aws_instance.vpn-server.public_ip}"] }
cloud-init
hostname: ${hostname} runcmd: - [ 'export', 'VPN_USER=username'] - [ 'export', 'VPN_PASSWORD=password'] - [ 'export', 'VPN_IPSEC_PSK=PSK'] - [ 'wget', "https://git.io/vpnsetup", "-O", "/tmp/vpnsetup.sh"] - [ 'chmod', '755', '/tmp/vpnsetup.sh'] - [ '/tmp/vpnsetup.sh']