From 88336879f13985d042c94fbf0720a75802bc5e78 Mon Sep 17 00:00:00 2001 From: Logan Collins Date: Sat, 15 Apr 2017 19:17:13 -0500 Subject: [PATCH] clarified file sources --- README.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 4f0bddeb..a820bbd5 100644 --- a/README.md +++ b/README.md @@ -133,11 +133,11 @@ Set-VpnConnectionIPsecConfiguration -ConnectionName "Algo" -AuthenticationTransf #### Ubuntu Server 16.04 example 1. Install Strongswan: `sudo apt-get install strongswan strongswan-plugin-openssl` Plugin required per [StrongSwan Documentation](https://wiki.strongswan.org/projects/strongswan/wiki/IKEv2CipherSuites), as the ECP_256 DH group is supported by the openssl plugin. -2. `/etc/ipsec.d/certs`: copy `user.crt` here -3. `/etc/ipsec.d/private`: copy `user.key` here -4. `/etc/ipsec.secrets`: add your `user.key` to the list, e.g. `xx.xxx.xx.xxx : ECDSA user.key`, like in `ipsec_user.secrets` but matching the `user.key` filename. -5. `/etc/ipsec.conf`: add the connection from `ipsec_user.conf` and update the value for `leftcert` to match the `user.crt` filename. -6. `/etc/ipsec.d/cacerts`: copy `cacert.pem` here +2. `/etc/ipsec.d/certs`: copy `user.crt` here from `algo-master/configs//pki/certs/`. +3. `/etc/ipsec.d/private`: copy `user.key` here from `algo-master/configs//pki/private`. +4. `/etc/ipsec.d/cacerts`: copy `cacert.pem` here from `algo-master/configs//cacert.pem`. +5. `/etc/ipsec.secrets`: add your `user.key` to the list, e.g. `xx.xxx.xx.xxx : ECDSA user.key`, like in `ipsec_user.secrets` but matching the `user.key` filename. +6. `/etc/ipsec.conf`: add the connection from `ipsec_user.conf` and update the value for `leftcert` to match the `user.crt` filename. 7. `sudo ipsec restart`: pick up config changes 8. `sudo ipsec up `: start the ipsec tunnel 9. `sudo ipsec down `: shutdown the ipsec tunnel