Set up your own IPsec VPN server in just a few minutes, with both IPsec/L2TP and Cisco IPsec on Ubuntu, Debian and CentOS.
An IPsec VPN encrypts your network traffic, so that nobody between you and the VPN server can eavesdrop on your data as it travels via the Internet. This is especially useful when using unsecured networks, e.g. at coffee shops, airports or hotel rooms.
Scripts use Libreswan as the IPsec server, and xl2tpd as the L2TP provider.
First, prepare your Linux server with a fresh install of Ubuntu LTS, Debian or CentOS.
Use this one-liner to set up an IPsec VPN server:
wget https://git.io/vpnsetup -O vpnsetup.sh && sudo sh vpnsetup.sh
If using CentOS, replace the link above with
Your VPN login details will be randomly generated, and displayed on the screen when finished.
For other installation options and how to set up VPN clients, read the sections below.
A dedicated server or virtual private server (VPS). OpenVZ VPS is not supported.
- New: The faster
IPsec/XAuth ("Cisco IPsec")mode is supported
- New: A pre-built Docker image of the VPN server is now available
- Fully automated IPsec VPN server setup, no user input needed
- Encapsulates all VPN traffic in UDP – does not need ESP protocol
- Can be directly used as “user-data” for a new Amazon EC2 instance
sysctl.confoptimizations for improved performance
- Tested with Ubuntu 16.04/14.04, Debian 9/8 and CentOS 7/6
A newly created Amazon EC2 instance, from these images (AMIs):
- Ubuntu 16.04 (Xenial) or 14.04 (Trusty)
- Debian 9 (Stretch) or 8 (Jessie)
- CentOS 7 (x86_64) with Updates
- CentOS 6 (x86_64) with Updates
– or –
A dedicated server or KVM/Xen-based virtual private server (VPS), freshly installed with one of the above OS. OpenVZ VPS is not supported, users could instead try OpenVPN or Shadowsocks.
This also includes Linux VMs in public clouds, such as DigitalOcean, Vultr, Linode, Google Compute Engine, Amazon Lightsail, Microsoft Azure, IBM Bluemix, OVH and Rackspace.