L2TP: Unterschied zwischen den Versionen

Aus xinux.net
Zur Navigation springen Zur Suche springen
(Die Seite wurde geleert.)
 
(47 dazwischenliegende Versionen von 9 Benutzern werden nicht angezeigt)
Zeile 1: Zeile 1:
=Server=
 
  
==Installation==
 
apt-get install  xl2tpd ppp openswan
 
==Openswan==
 
cat /etc/ipsec.conf
 
version 2.0
 
config setup
 
    nat_traversal=yes
 
    virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
 
    oe=off
 
    protostack=netkey
 
conn l2tp
 
    authby=secret
 
    pfs=no
 
    auto=add
 
    type=transport
 
    left=XXX.XXX.XXX.XXX
 
    leftprotoport=17/1701
 
    right=%any
 
    rightprotoport=17/%any
 
 
cat /etc/ipsec.secrets
 
XXX.XXX.XXX.XXX  %any : PSK "1234"
 
==XL2TP==
 
cat /etc/xl2tpd/xl2tpd.conf
 
 
[global]
 
ipsec saref = yes
 
 
[lns default]
 
ip range = 10.1.2.2-10.1.2.255
 
local ip = 10.1.2.1
 
refuse chap = yes
 
refuse pap = yes
 
require authentication = yes
 
ppp debug = yes
 
pppoptfile = /etc/ppp/options.xl2tpd
 
length bit = yes
 
 
==PPP==
 
cat /etc/ppp/options.xl2tpd
 
 
require-mschap-v2
 
ms-dns 192.168.240.21
 
ms-dns 192.168.240.22
 
asyncmap 0
 
auth
 
crtscts
 
lock
 
hide-password
 
modem
 
debug
 
name l2tpd
 
proxyarp
 
lcp-echo-interval 30
 
lcp-echo-failure 4
 
 
cat /etc/ppp/chap-secrets
 
 
xinux        l2tpd      "geheimes-passwort"       *
 
l2tpd        xinux   "geheimes-passwort"       *
 
 
=Client=
 
==Installation==
 
apt-get install  xl2tpd ppp openswan
 
 
==Start Script==
 
#!/bin/bash
 
  case $1 in
 
start)
 
  /etc/init.d/ipsec restart
 
  sleep 1
 
  ipsec auto --up nagus
 
  sleep 1
 
  /etc/init.d/xl2tpd start
 
  sleep 1
 
  echo "c vpn-connection" > /var/run/xl2tpd/l2tp-control
 
  sleep 5
 
  ip route add 192.168.240.0/21 via 172.28.6.1
 
;;
 
stop)
 
  ip route del 192.168.240.0/21
 
  echo "d vpn-connection" > /var/run/xl2tpd/l2tp-control
 
  /etc/init.d/xl2tpd stop
 
  ipsec auto --down nagus
 
  /etc/init.d/ipsec stop
 
;;
 
esac
 
 
 
Quellen:
 
*http://blog.riobard.com/2010/04/30/l2tp-over-ipsec-ubuntu
 
*http://pleasefeedthegeek.wordpress.com/2012/04/21/l2tp-ubuntu-server-setup-for-ios-clients/
 
*http://www.jacco2.dds.nl/networking/linux-l2tp.html
 
*https://wiki.archlinux.org/index.php/L2TP/IPsec_VPN_client_setup
 

Aktuelle Version vom 7. September 2017, 09:22 Uhr

Abgerufen von „https://xinux.net/index.php?title=L2TP&oldid=13892