The IKEv2 and Clientless SSL VPN options are supported on Linux. The following instructions will help you create and use the VPN option of your choice. For more information on the VPN types, see VPN.
Contents
Using the IKEv2 VPN Option on Linux
The easiest way to use StrongSwan on Linux is using the StrongSwan Network Manager Plugin. Command-line options also exist if you so desire, and instructions are available at https://wiki.strongswan.org.
Installation on Debian-based distributions
For recent Debian-based distributions, you will need to install StrongSwan and it's eap-identity and eap-mschapv2 plugins. You may adapt these instructions for other distributions, just be aware the packages may be named different, and package the plugins in different packages as well.
- Installing the following packages using your package manager of choice (e.g. Synaptic, apt, apt-get, aptitude, etc):
- network-manager-strongswan
- libstrongswan-extra-plugins
- libcharon-extra-plugins
It is also possible to download the source code from strongswan.org and compile from source. If you choose this option, remember to also compile and install the eap-identity and eap-mschapv2 plugins. More information is available at https://wiki.strongswan.org.
Configuration on Debian-based distributions
- Open your desktop's Network Manager application and edit it's connections.
- Add a new VPN connection using IPsec-based VPN (strongswan)
- Set the Connection Name to
CAEDM IKEv2 VPN - Set Gateway: to
vpn.et.byu.edu - Set Authentication to
EAP - Enter your Username
- Enter your Password (or leave blank to be prompted when you connect)
- Under Options select only Request an inner IP address and Enforce UDP encapsulation
- Set the Connection Name to
- Click OK
For additional help in installing or configuring StrongSwan Network, consult the wiki at https://wiki.strongswan.org.
Using the Clientless SSL VPN Option on Linux
- Go to https://vpn.et.byu.edu/ using your browser of choice.
- Enter your CAEDM username and password, and then click "Login"
