Linux Connection Setup

Installing the Required Packages

Depending on your Linux distribution, install the necessary packages for IPSEC:

Ubuntu

sudo apt-get install strongswan libstrongswan-standard-plugins

RHEL-based

dnf install epel-release
dnf install strongswan

IPSEC Connection Setup

Copy the following files from the VPN server to the client:

• /opt/niflheim/configs/<external_ip>/ipsec/.pki/certs/<user_name>.crt to /etc/ipsec.d/certs
• /opt/niflheim/configs/<external_ip>/ipsec/.pki/private/<user_name>.key to /etc/ipsec.d/private
• /opt/niflheim/configs/<external_ip>/ipsec/manual/cacert.pem to /etc/ipsec.d/cacerts

Add the <user_name>.key file to /etc/ipsec.secrets in the following format:

<external_ip> : ECDSA <user_name>.key

Add the configuration from /opt/niflheim/configs/<external_ip>/ipsec/manual/<user_name>.conf to /etc/ipsec.conf.

Then, restart IPSEC:

sudo ipsec restart

Connecting

sudo ipsec up <tunnel_name>

Disconnecting

sudo ipsec down <tunnel_name>

WireGuard Client Configuration

Installing the Required Packages

Install the WireGuard client according to the official documentation .

Obtaining the Configuration File

• Connect to the virtual machine via SSH.
• Navigate to the directory /opt/niflheim/configs/<external_ip>.
• The directory contains all configuration files for client setup. In this case, you need the configuration file wireguard/<user_name>.conf.
• Copy the file to your local machine.

Configuration

After copying the configuration file, you need to configure the client.

Copy your configuration file:

cp <user_name>.conf /etc/wireguard/wg0.conf

Then start the client:

sudo systemctl start wg-quick@wg0

Optionally, enable the client to start at boot:

sudo systemctl enable wg-quick@wg0