Hi Noel, Do you have an example configuration for swanctl/vici?
C > On 5 May 2018, at 11:01, Noel Kuntze > <[email protected]> wrote: > > The traffic selector needs to permit the DHCP request through and a DHCP > server or relay needs to be run locally. > This is absolutely no problem, other people already set this up and made it > work. > >> On 04.05.2018 15:21, Tom Rymes wrote: >> It's designed for a very specific use case, but if you install it in a >> sandbox somewhere, you can get a feel for the powershell scripts and other >> bits that are used to configure the clients. >> >> It's all wrapped around Strongswan, so you can transfer the functionality to >> your own setup, if you find it helpful. >> >> Tom >> >>> On 05/04/2018 9:15 AM, Christian Salway wrote: >>> We are working with very locked down systems so wouldn’t be able to install >>> that software unfortunately but will have a look out of interest, >>> Thanks >>> >>>>> On 4 May 2018, at 13:15, Tom Rymes <[email protected]> wrote: >>>>> >>>>> On 05/04/2018 3:45 AM, Christian Salway wrote: >>>>> Thanks to Dirk Hartmann and his scripting idea, The simplest way to add >>>>> a VPN connection to Windows 10 that includes the routing to the internal >>>>> IP, is by running the following commands in PowerShell commands. This >>>>> also enables strong ciphers (MODP2048) >>>>> /This is for a username/password VPN available to all users (remove >>>>> -*AllUserConnection* from the /*Add-VpnConnection*/ command for just the >>>>> current user)/ >>>> >>>> Apple configuration profiles and Windows scripting are definitely magic >>>> when done right. >>>> >>>> The gold standard in my experience is Algo >>>> (https://blog.trailofbits.com/2016/12/12/meet-algo-the-vpn-that-works/), >>>> which is built on top of StrongSwan: >>>> >>>> - Airdrop a file to an iOS device and you're configured. >>>> - Double-click a file on a mac, and you're configured. >>>> - Run a powershell script on Windows and you're configured. >>>> >>>> It's pretty darned cool, to be honest. >> > >
