Created
December 13, 2017 13:40
-
-
Save btgoodwin/3b937b51ccdaebe8098279ede4ca0927 to your computer and use it in GitHub Desktop.
Script for correcting the Racoon configuration of macOS/OS X so IPSec VPNs do not time out.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # There currently (12/13/17) is no way to update the Racoon template configuraiton | |
| # of macOS or OS X...and there hasn't been despite this lingering issue where | |
| # VPN tunnels will "collapse" silently just shy of an hour. The below patching | |
| # will correct the timeout issue so that your tunnel will remain useful for hours | |
| # (really, days). | |
| # | |
| # Usage: | |
| # Start your VPN connection. | |
| # Copy the "/var/run/racoon/[filename].conf" to /etc/racoon/config | |
| # You may need to make that directory | |
| # Run this script on it (may require root permissions, as shown): | |
| # $> sudo ./time_patch.sh /etc/racoon/config/[filename].conf | |
| # Update /etc/racoon/racoon.conf's last line to import /etc/racoon/config/*.conf" | |
| # instead of the original /var/run/racoon location. | |
| # Restart your VPN connection. | |
| CONFIG_FILE="${1?:Please specify a config file}" | |
| if ! [ -f ${CONFIG_FILE} ]; then | |
| echo ERROR: The specified config file does not exist. | |
| exit 1 | |
| fi | |
| # The patching... | |
| sed -i .bak -E 's/(dpd_delay) ([[:digit:]]+)/\1 0/g' ${CONFIG_FILE} | |
| sed -i .bak -E 's/(proposal_check) (obey)/\1 claim/g' ${CONFIG_FILE} | |
| sed -i .bak -E 's/(lifetime time) (3600 sec)/\1 24 hours/g' ${CONFIG_FILE} | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment