IPSec IKEv2
Install packages
You will need to install some additional packages on your ubuntu/debian operation system to connect VPN over Ipsec-IKEv2. Please issue followings to begin setup.
sudo apt-get -y install strongswan libcharon-extra-plugins libstrongswan-extra-plugins libstrongswan-standard-plugins strongswan-starter
Create a link for certificates
rmdir /etc/ipsec.d/cacerts
ln -s /etc/ssl/certs /etc/ipsec.d/cacerts
Edit configuration
Replace MYUSERNAME with your username and "right= " server address (veripn_server_ip). You can change "auto=add" to "auto=start", if you to start VPN when system started.
printf '%s\n\t' 'conn VeriPN_London' 'keyexchange=ikev2' 'fragmentation=yes' 'dpdaction=clear' 'dpddelay=300s' 'leftid=MYUSERNAME' 'leftauth=eap-mschapv2' 'left=%defaultroute' 'leftsourceip=%config' 'right=veripn_server_ip' 'rightsubnet=0.0.0.0/0' 'rightid=%any' 'auto=add' > /etc/ipsec.conf
This linux script will write down the mandatory configuration settings into ipsec.conf file.
End up with config
You will end up with a config file that looks like this:
conn VeriPN_London
keyexchange=ikev2
dpdaction=clear
dpddelay=300s
fragmentation=yes
leftid=MYUSERNAME
leftauth=eap-mschapv2
left=%defaultroute
leftsourceip=%config
right=VeriPNserverIP>
rightsubnet=0.0.0.0/0
rightid=%any
auto=add
You will also need to disable the "constraints" plugin
Now you need to write your credentials into /etc/ipsec.secrets. Replace your username and password on the following command.
Connect
Then restart ipsec and you can now connect to VPN.
ipsec restart
ipsec up VeriPN_London