strongMan is a management interface for strongSwan. Based on Django and Python, strongMan provides a user friendly graphical interface to configure and establish IPsec connections. It supports
- RSA / ECDSA asymmetric encryption
- EAP with username and password
- EAP-TLS
- serveral authentification rounds
The strongMan application implements a persistent connection and asymmetric key management. Several common connection use cases are implemented and can be used in few configuration steps.
Requirements:
- strongSwan with vici plugin
- python3/pip3
- git
- virtualenv
Run the following commands to install strongMan.
git clone https://github.com/strongswan/strongMan.git
cd strongMan
sudo ./setup.py install
We have installed strongMan with all it's requirements in a virtual environment and loaded a default user into the database.
To guarantee data consistency between strongMan and strongSwan, configure a script in the strongSwan configuration, which will be executed on the startup of strongSwan.
If you aren’t planning on setting up a systemd service, do the following: Put these lines into in "/etc/strongswan.d/strongMan.conf". Replace ’pathTostrongMan’ with the path, where you installed strongMan.
charon {
start-scripts {
strongman = /pathTostrongMan/configloader.py
}
}
If you will configure strongMan with a systemd service, follow these instructions to get the Configuration Loader running. Put the following line into "strongswan-swanctl.service". Replace "pathTostrongMan" with the path, where you installed strongMan.
ExecStartPost=/pathTostrongMan/configloader.py
Now we can start the strongMan server.
sudo ./run.py
The server is now accessible on http://localhost:1515 Username: John, Password: Lennon@1940
If you want to run strongMan permanently in the background you can install strongMan as a systemd service.
sudo ./setup.py add-service # Adds the service and additionally a launcher icon
Removes the service and the launcher icon
sudo ./setup.py remove-service