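#!/usr/bin/env bash
#
# Configure and bring up an IPsec/L2TP client VPN with strongSwan + xl2tpd,
# then route all traffic through the tunnel.
#
# Required packages: strongswan xl2tpd iproute2 curl
# Must run as root: it writes /etc/ipsec.*, /etc/xl2tpd/* and /etc/ppp/*,
# restarts the ipsec and xl2tpd services and rewrites the routing table.
#
# Credentials: fill in the four VPN_* values below, or export them in the
# environment before running (the environment wins over the defaults here).
# Do not run this script under `bash -x` / `set -x`: the PSK and password
# would be echoed to the terminal and to any log capturing it.
set -euo pipefail

# --- credentials (given by your ISP / VPN provider) -------------------------
VPN_SERVER_IP=${VPN_SERVER_IP:-'your_vpn_server_ip'}
VPN_IPSEC_PSK=${VPN_IPSEC_PSK:-'your_ipsec_pre_shared_key'}
VPN_USER=${VPN_USER:-'your_vpn_username'}
VPN_PASSWORD=${VPN_PASSWORD:-'your_vpn_password'}

# Seconds to wait for pppd to bring the tunnel interface up with an address.
readonly PPP_UP_TIMEOUT=30

#######################################
# Print a message to stderr and exit with status 1.
# Arguments: message words
#######################################
die() {
  printf 'error: %s\n' "$*" >&2
  exit 1
}

#######################################
# Wait for a new interface with a global IPv4 address to appear and print
# its name. This is how we find the ppp interface pppd creates once IPCP
# has finished, instead of guessing from the interface list.
# Globals:   ifaces_before (read), PPP_UP_TIMEOUT (read)
# Outputs:   interface name on stdout
# Returns:   0 when found, 1 on timeout
#######################################
wait_for_new_iface() {
  local attempt name
  for ((attempt = 0; attempt < PPP_UP_TIMEOUT; attempt++)); do
    while IFS= read -r name; do
      if ! grep -qx -- "$name" <<<"$ifaces_before"; then
        printf '%s\n' "$name"
        return 0
      fi
    done < <(ip -o -4 addr show scope global | awk '{ print $2 }')
    sleep 1
  done
  return 1
}

# --- preconditions ----------------------------------------------------------
(( EUID == 0 )) || die "this script must run as root"
for tool in ip curl ipsec systemctl; do
  command -v "$tool" >/dev/null 2>&1 || die "required command not found: $tool"
done
[[ $VPN_SERVER_IP != 'your_vpn_server_ip' && $VPN_IPSEC_PSK != 'your_ipsec_pre_shared_key' \
   && $VPN_USER != 'your_vpn_username' && $VPN_PASSWORD != 'your_vpn_password' ]] \
  || die "edit the VPN_* credentials at the top of the script (or export them) first"

# --- routing data -----------------------------------------------------------
# Capture the current default gateway and our public address *before* the
# tunnel comes up: once the default route moves to the VPN these values are
# no longer discoverable, and both are needed to keep the VPN server itself
# reachable outside the tunnel.
GATEWAY_IP=$(ip -4 route show default | awk '{ print $3; exit }')
[[ $GATEWAY_IP =~ ^[0-9]+(\.[0-9]+){3}$ ]] \
  || die "could not determine the default gateway (got '$GATEWAY_IP')"
# -f: a 4xx/5xx body must not be mistaken for an address; the regex check
# below makes sure nothing but a dotted quad ever reaches `ip route`.
LOCAL_PUBLIC_IP=$(curl -fsS --max-time 10 https://api.ipify.org) \
  || die "could not query the public IP from api.ipify.org"
[[ $LOCAL_PUBLIC_IP =~ ^[0-9]+(\.[0-9]+){3}$ ]] \
  || die "unexpected public IP response: '$LOCAL_PUBLIC_IP'"

# --- strongSwan -------------------------------------------------------------
# Parameter lines must be indented under their conn/config section; a line
# starting in column 0 begins a new section for the ipsec.conf parser.
cat > /etc/ipsec.conf <<EOF
# ipsec.conf - strongSwan IPsec configuration file (generated)
config setup
  # strictcrlpolicy=yes
  # uniqueids = no

conn %default
  ikelifetime=60m
  keylife=20m
  rekeymargin=3m
  keyingtries=1
  keyexchange=ike
  authby=secret
  # NOTE: 3DES/SHA1/MODP1024 are weak by today's standards and are kept only
  # because many ISP L2TP gateways offer nothing else. If the server accepts
  # it, prefer a modern proposal such as aes256-sha256-modp2048.
  ike=3des-sha1-modp1024
  esp=3des-sha1

conn myvpn
  keyexchange=ike
  left=%defaultroute
  auto=add
  authby=secret
  type=transport
  leftprotoport=17/1701
  rightprotoport=17/1701
  right=$VPN_SERVER_IP
EOF

# umask 077 in a subshell so the secrets file is never world-readable, not
# even between creation and chmod. A PSK containing a double quote would
# need escaping for the ipsec.secrets format.
( umask 077; printf ': PSK "%s"\n' "$VPN_IPSEC_PSK" > /etc/ipsec.secrets )
chmod 600 /etc/ipsec.secrets

# --- xl2tpd + pppd ----------------------------------------------------------
cat > /etc/xl2tpd/xl2tpd.conf <<EOF
[lac myvpn]
lns = $VPN_SERVER_IP
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
EOF

# Contains the PPP password: same restrictive creation as ipsec.secrets.
( umask 077; cat > /etc/ppp/options.l2tpd.client <<EOF
ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-chap
noccp
noauth
mtu 1280
mru 1280
noipdefault
defaultroute
usepeerdns
connect-delay 5000
name $VPN_USER
password $VPN_PASSWORD
EOF
)
chmod 600 /etc/ppp/options.l2tpd.client

# Control channel xl2tpd reads connect/disconnect commands from.
mkdir -p /var/run/xl2tpd
touch /var/run/xl2tpd/l2tp-control

# --- bring the tunnel up ----------------------------------------------------
# Restart both daemons so they pick up the files just written; a plain
# `ipsec up` against an already-running daemon would still use the old
# configuration, and xl2tpd was never started otherwise.
systemctl restart ipsec
systemctl restart xl2tpd

# The control socket may take a moment after restart; retry briefly.
ipsec_up_ok=0
for attempt in 1 2 3 4 5; do
  if ipsec up myvpn; then
    ipsec_up_ok=1
    break
  fi
  sleep 1
done
(( ipsec_up_ok )) || die "IPsec SA to $VPN_SERVER_IP could not be established"

# Interfaces that already had a global IPv4 address before we connected; the
# tunnel interface is whichever *new* one pppd brings up.
ifaces_before=$(ip -o -4 addr show scope global | awk '{ print $2 }')
printf 'c myvpn\n' > /var/run/xl2tpd/l2tp-control

INTERFACE_NAME=$(wait_for_new_iface) \
  || die "no ppp interface came up within ${PPP_UP_TIMEOUT}s (check xl2tpd/pppd logs)"

# --- routing ----------------------------------------------------------------
# Keep the VPN server and our own public address reachable via the ISP
# gateway, then send everything else through the tunnel. `replace` is
# idempotent, so re-running the script does not fail with "File exists".
ip route replace "$VPN_SERVER_IP" via "$GATEWAY_IP"
ip route replace "$LOCAL_PUBLIC_IP" via "$GATEWAY_IP"
ip route replace default dev "$INTERFACE_NAME"
printf 'VPN up: default route now via %s\n' "$INTERFACE_NAME"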