Xl2tpd-openswan-client


Installation

# Run as root: installs the L2TP daemon (xl2tpd), pppd and the Openswan IPsec stack.
apt-get install  xl2tpd ppp openswan

ipsec

cat /etc/ipsec.conf
# Client side of an L2TP/IPsec setup: one transport-mode connection that
# protects UDP port 1701 (L2TP) between this host and yourvpnserver.com,
# authenticated with a pre-shared key.
# No ike=/esp= lines are given, so the daemon's default proposals apply;
# pin them if weak algorithms must be excluded.
version	2.0	# conforms to second version of ipsec.conf specification
config setup
	dumpdir=/var/run/pluto/
	protostack=netkey
	# NAT traversal is enabled for clients or servers behind NAT.
	nat_traversal=yes
	virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v6:fd00::/8,%v6:fe80::/10
	# Opportunistic encryption is switched off; only the conn below is used.
	oe=off
       
# "yourconn" is the name the start script passes to `ipsec auto --up/--down`.
conn  yourconn
	# PSK authentication; the key is read from /etc/ipsec.secrets.
	# Anyone who knows a PSK that is shared between several clients can
	# impersonate the gateway, so prefer certificates where the server allows it.
	authby=secret
      # This side does not ask for PFS on the IPsec SA exchange.
      # NOTE(review): presumably set because the gateway lacks PFS support -
      # use pfs=yes if the server accepts it.
      pfs=no
      # Loaded at startup but not initiated; the start script brings it up.
      auto=add
      keyingtries=3
      # Dead peer detection: probe every 30 s, give up after 120 s and clear the SA.
      # NOTE(review): nothing here re-initiates the SA after a clear - confirm
      # that L2TP traffic cannot continue unprotected in that state.
      dpddelay=30
      dpdtimeout=120
      dpdaction=clear
      rekey=yes
      # Lifetimes: IKE SA 8 hours, IPsec SA 1 hour.
      ikelifetime=8h
      keylife=1h
      # Transport mode restricted to protocol 17 (UDP) port 1701 on both ends,
      # i.e. only the L2TP traffic to the server is covered by this policy.
      type=transport
      left=%defaultroute
      leftprotoport=17/1701
      right=yourvpnserver.com
      rightprotoport=17/1701
cat /etc/ipsec.secrets
# Pre-shared key for the connection to yourvpnserver.com (used by authby=secret).
# The quoted value is a sample: replace it with a long random secret.
# The key is stored in plaintext, so keep this file readable by root only.
%any yourvpnserver.com : PSK "pissespisse"

xl2tpd

cat /etc/xl2tpd/xl2tpd.conf
; Client (LAC) definition. "vpn-connection" is the name the start script
; sends to the xl2tpd control file ("c vpn-connection" / "d vpn-connection").
; L2TP is not encrypted by xl2tpd itself; confidentiality comes from the
; IPsec transport policy for UDP 1701 defined in /etc/ipsec.conf.
[lac vpn-connection]
lns = yourvpnserver.com
; Verbose PPP logging, useful during setup - consider turning it off afterwards.
ppp debug = yes
; pppd options (including the login credentials) are read from this file.
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes

ppp

cat /etc/ppp/options.l2tpd.client 
# pppd options for the L2TP client session started by xl2tpd.
# This file holds the VPN login in plaintext (see "name"/"password" below),
# so keep it readable by root only.
# Accept the addresses the peer proposes for both ends of the link.
ipcp-accept-local
ipcp-accept-remote
# Do not agree to authenticate with EAP.
refuse-eap
# NOTE(review): require-mschap-v2 and noauth both concern authentication of
# the *peer*; how pppd combines them should be confirmed. Only refuse-eap
# limits how this client authenticates itself, so PAP/CHAP are presumably
# still accepted if the server asks for them - add refuse-pap, refuse-chap
# and refuse-mschap to allow MS-CHAPv2 only.
# MS-CHAPv2 is cryptographically weak on its own; the login is only as well
# protected as the IPsec layer underneath.
require-mschap-v2
# No CCP (compression) negotiation.
noccp
noauth
# Drop the link after 1800 seconds without traffic.
idle 1800
mtu 1410
mru 1410
# Installs a default route through the peer once the link is up.
defaultroute
# Ask the peer for DNS server addresses.
usepeerdns
# Verbose logging of PPP control packets - consider removing after setup.
debug
lock
connect-delay 5000
# Sample credentials - replace them. pppd's documentation discourages the
# "password" option; /etc/ppp/chap-secrets is the usual place for the secret.
name xinux
password suxer

Start Script

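#!/bin/bash
# Bring the L2TP/IPsec client tunnel up or down.
# Usage: <script> start|stop   (run as root: restarts services, edits routes)
#
# Order matters on start: the IPsec connection that protects UDP/1701 must be
# established before xl2tpd dials, otherwise the L2TP/PPP session could be
# attempted without IPsec protection.

readonly CONN=yourconn
readonly LAC=vpn-connection
readonly CONTROL=/var/run/xl2tpd/l2tp-control
readonly REMOTE_NET=192.168.240.0/21
readonly REMOTE_GW=172.28.6.1

# Print a message to stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Send a one-line command to xl2tpd through its control file.
# Returns 1 without writing when the FIFO does not exist, so the redirection
# never creates a regular file at that path.
l2tp_control() {
  [[ -p "$CONTROL" ]] || return 1
  printf '%s\n' "$1" > "$CONTROL"
}

case "${1:-}" in
  start)
    /etc/init.d/ipsec restart
    sleep 1
    # Fail closed: do not dial L2TP unless the IPsec connection came up.
    # Relies on `ipsec auto --up` returning non-zero on failure.
    ipsec auto --up "$CONN" \
      || die "IPsec connection $CONN did not come up; not starting L2TP"
    sleep 1
    /etc/init.d/xl2tpd start || die "xl2tpd failed to start"
    sleep 1
    l2tp_control "c $LAC" || die "xl2tpd control file $CONTROL not found"
    # Give pppd time to negotiate before the route is added.
    sleep 5
    ip route add "$REMOTE_NET" via "$REMOTE_GW" \
      || die "could not add route to $REMOTE_NET (is the PPP link up?)"
    ;;
  stop)
    # Best-effort teardown: every step runs even if an earlier one failed.
    ip route del "$REMOTE_NET"
    l2tp_control "d $LAC"
    /etc/init.d/xl2tpd stop
    ipsec auto --down "$CONN"
    /etc/init.d/ipsec stop
    ;;
  *)
    printf 'Usage: %s start|stop\n' "${0##*/}" >&2
    exit 2
    ;;
esac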