hwdsl2 / setup-ipsec-vpn

Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2

Same configuration file for different servers #1529

Closed Yuckly closed 6 months ago

Yuckly commented 6 months ago

Describe the enhancement request

I set up two servers with IKEv2 (server1 and server2) and I have a domain name for server1. Now I want to transfer all the clients of server1 to server2 without changing the client configuration file (of course, after the domain points to server2). Is this doable? I tried transferring the related files to server2 but it didn't work.

Is your enhancement request related to a problem? Please describe. (If applicable)

A clear and concise description of what the problem is. Having trouble connecting after transferring credential files from one server to another.

hwdsl2 commented 6 months ago

@Yuckly Hello! Yes, there are multiple ways to achieve this. The following assumes that you used a domain name (DNS name) when setting up IKEv2, which you have already done.

Option 1: Create a snapshot of server 1 and restore it to server 2 (after making a backup of server 2).

Option 2:

  1. Run the script in this repo to install IPsec VPN on server 2, using the same domain name (DNS name).
  2. Copy the first server's entire /etc/ipsec.d directory to the second server (overwriting the existing /etc/ipsec.d, be sure to make a backup first).
  3. Restart the ipsec service.

When finished, both servers will have the same IKEv2 VPN CA and same client database.

In addition, if you also want to migrate configuration for IKEv1, copy /etc/ipsec.conf, /etc/ipsec.secrets, /etc/xl2tpd/xl2tpd.conf, /etc/ppp/options.xl2tpd and /etc/ppp/chap-secrets to the new server. Restart the ipsec and xl2tpd services when finished.
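
Steps 2 and 3 of Option 2 as a script for server 2, added here as an example; it is not part of the reply above or of the repo's scripts. It assumes server 1's directory was archived with `tar -C /etc -czpf ipsec.d-server1.tgz ipsec.d` and copied over SSH; the function name and archive name are hypothetical.

```shell
#!/bin/bash
# Added example (not the project's code): swap in server 1's /etc/ipsec.d.
# The directory holds the IKEv2 CA and client database, so both the
# staging copy and the backup are kept in mode-700 directories.

# replace_ipsec_d ARCHIVE [ETC_DIR]
# Prints the path of the backup of the old directory (empty if none).
replace_ipsec_d() {
  archive=$1
  etc_dir=${2:-/etc}          # second argument exists only for dry runs
  target=$etc_dir/ipsec.d

  # Unpack beside the target first, so a bad archive never touches
  # the live directory and the final move stays on one filesystem.
  staging=$(mktemp -d "$etc_dir/ipsec.d.new.XXXXXX") || return 1
  if ! tar -xzpf "$archive" -C "$staging" 2>/dev/null ||
     [ ! -d "$staging/ipsec.d" ]; then
    rm -rf "$staging"
    echo "error: $archive does not unpack to an ipsec.d directory" >&2
    return 1
  fi

  # Back up server 2's existing directory before overwriting it.
  backup=
  if [ -d "$target" ]; then
    backup=$(mktemp -d "$etc_dir/ipsec.d.bak.XXXXXX") ||
      { rm -rf "$staging"; return 1; }
    mv "$target" "$backup/ipsec.d" || { rm -rf "$staging"; return 1; }
    backup=$backup/ipsec.d
  fi

  mv "$staging/ipsec.d" "$target" || return 1
  rmdir "$staging"
  echo "$backup"
}

# Run as root on server 2:  ./replace-ipsec-d.sh ipsec.d-server1.tgz
if [ "$#" -eq 1 ]; then
  replace_ipsec_d "$1" && service ipsec restart
fi
```

Delete the archive and the backup once clients connect to server 2, since each copy contains the CA's private key.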