[Swan] default config that works with recent android/win10/win11/macos/ios
manfred
mx2927 at gmail.com
Thu Feb 29 02:15:03 EET 2024
In particular, Win10 still defaults to DH group 2 (1024 bit), which is
known to be insecure, and libreswan rejects it by default, IIRC.
I'm not sure about Win11, but I would expect MS to stick to their design.
My 2 c.
On 2/28/2024 6:32 PM, John Crisp via Swan wrote:
>
>
> On 28 February 2024 20:57:30 CET, Marc via Swan <swan at lists.libreswan.org> wrote:
>> Where can I find a working and tested config, that offers vpn connectivity with the os default clients of android, win10, win11, macos and ios? (maybe put this on some wiki/example page)
>
> Not sure there is one as the variations in systems are almost infinite.
>
> Net to net, client to net, NAT, no NAT, IPv4/6, routing, firewalling etc etc. See the examples below.
>
> Other VPNs generally have the same issues. I'm dealing right now with a complicated intransigent openvpn setup. I'd prefer Libreswan, but in this particular scenario it would not suit. Horses for courses.
>
> These should get you started. Pretty sure they are open to improvements if you have some.
>
> https://libreswan.org/
>
> https://libreswan.org/wiki/Configuration_examples
>
> https://libreswan.org/man/ipsec.conf.5.html
>
> https://github.com/libreswan/libreswan
>
>
>
More information about the Swan
mailing list