OpenIKED

Server configuration

iked.conf

Add the following to /etc/iked.conf. Set the vpn_user_name and vpn_user_password macros to the username and password you will use to connect, replace 203.0.113.5 with your server's public IP address, and replace vpn.ircnow.org with vpn.your.domain (for example, vpn.user.host.ircnow.org):

vpn_user_name = "vpn-user" 
vpn_user_password = "vpn-password"

remote_gw = "203.0.113.5" 
vpn_id = "vpn.ircnow.org" 
client_pool = "10.0.5.0/24" 
client_dns = "203.0.113.5" 

user $vpn_user_name $vpn_user_password
ikev2 'user_vpn' passive esp \
    from any to dynamic \
    local $remote_gw peer any \
    srcid $vpn_id \
    eap "mschap-v2" \
    config address $client_pool \
    config name-server $client_dns \
    tag "ROADW"

The value of the vpn_id macro MUST be different from your IRCNow hostname. For example, if your IRCNow hostname is "user.host.ircnow.org", you should pick something like "vpn.user.host.ircnow.org". Whatever you pick should be a valid hostname that resolves to an IP address. The 'from' rule allows any user to connect. The "config name-server" option sets the name server that VPN clients will use, so in this example you must have a valid caching name server running on IP 203.0.113.5. Note that packets for this connection are tagged ROADW, which lets pf rules match them with the "tagged" keyword.
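A pre-flight check for the rules above, written as an added example that is not part of the original page: it flags sample values that were never replaced, a vpn_id equal to the server hostname, and a configuration file readable by anyone but its owner (the file holds the EAP password in clear text). The function names, the constructed sample values (alice, 198.51.100.7) and the owner-only permission policy are assumptions of this example.

```shell
#!/bin/sh
# Added example (hypothetical helper names): read-only lint for the page's iked.conf template.

# macro FILE NAME: print the quoted value assigned to a macro (NAME = "value")
macro() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*\"\([^\"]*\)\".*/\1/p" "$1" | head -n 1
}

# lint_iked_conf FILE HOSTNAME: print one finding per line; return 1 if any were found
lint_iked_conf() {
    conf=$1; host=$2; rc=0
    # Sample values from the page that must be replaced before deployment.
    for pair in vpn_user_name=vpn-user vpn_user_password=vpn-password \
                remote_gw=203.0.113.5 vpn_id=vpn.ircnow.org; do
        name=${pair%%=*}; sample=${pair#*=}
        if [ "$(macro "$conf" "$name")" = "$sample" ]; then
            echo "$name still has the sample value"; rc=1
        fi
    done
    # The page requires vpn_id (used as srcid) to differ from the server hostname.
    if [ "$(macro "$conf" vpn_id)" = "$host" ]; then
        echo "vpn_id must differ from the hostname $host"; rc=1
    fi
    # Clear-text EAP password inside: flag any group/other permission bit.
    case $(ls -ld "$conf") in
        ????------*) ;;
        *) echo "file is accessible to group or others (chmod 600)"; rc=1 ;;
    esac
    return "$rc"
}

# Constructed sample input: password left at the sample value, hostname reused as vpn_id.
sample_conf() {
    cat <<'EOF'
vpn_user_name = "alice"
vpn_user_password = "vpn-password"
remote_gw = "198.51.100.7"
vpn_id = "user.host.ircnow.org"
EOF
}

# Demo on the constructed sample; on a server: lint_iked_conf /etc/iked.conf "$(hostname)"
demo() {
    tmp=$(mktemp); sample_conf > "$tmp"; chmod 644 "$tmp"
    lint_iked_conf "$tmp" user.host.ircnow.org; rc=$?
    rm -f "$tmp"; return "$rc"
}
demo || true
```

On the constructed sample the demo reports three findings: the unchanged password, the reused hostname, and the world-readable file mode.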

Client configuration