hwdsl2 / setup-ipsec-vpn

Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2

[Question] With ikev2 only mode, is all the iptables rules required #1524

Closed chiragrajk closed 7 months ago

chiragrajk commented 7 months ago

For context, I am trying to set up a VPN in IKEv2-only mode on an AWS EC2 Ubuntu instance. Are all the iptables rules set up in vpnsetup_ubuntu.sh:578 required for IKEv2-only mode?

hwdsl2 commented 7 months ago

@chiragrajk Hello! For IKEv2 only mode, some IPTables rules are not required:

1. Rules related to UDP port 1701.
2. Rules related to "ppp+".
3. Rule containing "L2TP_NET".

Removing them is not necessary for IKEv2 only mode to work, but you can if you want. Note that the IPTables commands are numbered, so you will need to update the rule numbers accordingly.

The relevant part of the script is: https://github.com/hwdsl2/setup-ipsec-vpn/blob/b7b3fc31690b5cffe359ca6efecc76da3e07ad37/vpnsetup_ubuntu.sh#L576-L614
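An added example, not part of the thread and not the project's code: a filter that drops the three L2TP-only rule categories listed above from a list of `iptables` commands and renumbers the remaining `-I CHAIN N` positions. The sample rules and both subnets are constructed for illustration, and the renumbering assumes each chain's rules are inserted in ascending position order.

```shell
#!/usr/bin/env bash
# Added example: trim L2TP-only rules for an IKEv2-only setup and renumber.
# The rules and subnets below are constructed, not copied from vpnsetup_ubuntu.sh.

sample_rules() {
  cat <<'EOF'
iptables -I INPUT 1 -p udp --dport 1701 -m policy --dir in --pol none -j DROP
iptables -I INPUT 2 -m conntrack --ctstate INVALID -j DROP
iptables -I INPUT 3 -p udp -m multiport --dports 500,4500 -j ACCEPT
iptables -I INPUT 4 -p udp --dport 1701 -m policy --dir in --pol ipsec -j ACCEPT
iptables -I INPUT 5 -p udp --dport 1701 -j DROP
iptables -I FORWARD 1 -m conntrack --ctstate INVALID -j DROP
iptables -I FORWARD 2 -i ppp+ -o eth0 -j ACCEPT
iptables -I FORWARD 3 -s 10.9.8.0/24 -o eth0 -j ACCEPT
iptables -t nat -I POSTROUTING -s 10.1.2.0/24 -o eth0 -j MASQUERADE
EOF
}

# $1: the L2TP client subnet (the value behind "L2TP_NET"); hypothetical here.
# Reads iptables commands on stdin, writes the kept commands to stdout and a
# note for each removed rule to stderr.
ikev2_only_rules() {
  awk -v net="$1" '
    function is_l2tp(line) {
      if (index(line " ", "--dport 1701 ") > 0) return 1      # UDP port 1701
      if (index(line, "ppp+") > 0) return 1                    # PPP interfaces
      if (net != "" && index(line, " " net) > 0) return 1      # L2TP subnet
      return 0
    }
    {
      table = "filter"; chain = ""; pos = 0
      for (i = 1; i < NF; i++) {
        if ($i == "-t") table = $(i + 1)
        if ($i == "-I") {
          chain = $(i + 1)
          if ($(i + 2) ~ /^[0-9]+$/) pos = i + 2   # explicit insert position
        }
      }
      key = table ":" chain
      if (is_l2tp($0)) {
        if (pos) dropped[key]++                    # later positions shift up
        print "# removed: " $0 > "/dev/stderr"
        next
      }
      if (pos && dropped[key] > 0) $pos = $pos - dropped[key]
      print
    }'
}
# Usage: sample_rules | ikev2_only_rules 10.1.2.0/24
```

Review the stderr list before applying the output, since a rule that matches the subnet string may serve more than L2TP in a customised setup.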