Skip to content

Peter-Sh/simple-strongswan-centos-7

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
defaults
defaults
 
 
handlers
handlers
 
 
meta
meta
 
 
tasks
tasks
 
 
templates
templates
 
 
README.md
README.md
 
 

Repository files navigation

Setup your own ipsec vpn server using strongswan

This ansible role helps to setup simple strongswan vpn on a dedicated centos-7 server.

I've made it for private usage, but decided to publish it to help my friends to setup vpn servers.

Use it on your own risk.

The work is based on this post (russian) by ValdikSS.

Installation

Create requiments.yml file or add this lines to existing file.

# req.yml
- src: git+https://github.com/Peter-Sh/simple-strongswan-centos-7.git
  version: master

Install the role:

ansible-galaxy install -r req.yml

Usage

Simple playbook example.

The example playbook will:

  • setup strongswan server using RSA based certificates for authentication.
  • setup NAT and packet forwarding in iptables.

Certificates are expected to be in pki_dir and created with easy-rsa-ipsec tool by ValdikSS. You can setup your PKI using this tool or a simple role.

At least ca.crt and server certificate for your.vps.domain.name should be created.

- hosts: your.vps.domain.name
  tasks:
  roles:
  - role: simple-strongswan-centos-7
    swan_fqdn: your.vps.domain.name
    pki_dir: /home/user/easy-rsa/easyrsa3/pki

About

Simple ansible role to setup strongswan vps

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published