History

kev 82143a5b63 swith to new domain: easypi.pro		2017-05-08 07:05:07 +08:00
..
Dockerfile	swith to new domain: easypi.pro	2017-05-08 07:05:07 +08:00
README.md	strongswan: Split-Tunneling with IKEv2	2016-07-01 00:09:28 +08:00
docker-compose.yml	strongswan: Split-Tunneling with IKEv2	2016-07-01 00:09:28 +08:00
docker-entrypoint.sh	strongswan uses docker-compose v2	2016-06-30 23:47:33 +08:00
init.sh	strongswan: Split-Tunneling with IKEv2	2016-07-01 00:09:28 +08:00

README.md

strongswan

strongSwan is an Open Source IPsec-based VPN solution for Linux and other UNIX based operating systems implementing both the IKEv1 and IKEv2 key exchange protocols.

⚠️ This docker image only support IKEv2!

docker-compose.yml

version: '2'
services:
  strongswan:
    image: vimagick/strongswan
    ports:
      - 500:500/udp
      - 4500:4500/udp
    volumes:
      - /lib/modules:/lib/modules
      - /etc/localtime:/etc/localtime
    environment:
      - VPN_DOMAIN=vpn.easypi.info
      - VPN_NETWORK=10.20.30.0/24
      - LAN_NETWORK=192.168.0.0/16
      - VPN_P12_PASSWORD=secret
    tmpfs: /run
    privileged: yes
    restart: always

up and running

docker-compose up -d
docker cp strongswan_strongswan_1:/etc/ipsec.d/client.mobileconfig .
docker cp strongswan_strongswan_1:/etc/ipsec.d/client.cert.p12 .
docker-compose logs -f

Mac/IOS: client.mobileconfig
Android: client.cert.p12