Xl2tpd-strongswan: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(→PPP) |
|||
(9 dazwischenliegende Versionen von 2 Benutzern werden nicht angezeigt) | |||
Zeile 15: | Zeile 15: | ||
right=%any | right=%any | ||
+ | ===ipsec.secrets complete=== | ||
cat /etc/ipsec.secrets | cat /etc/ipsec.secrets | ||
+ | |||
10.84.252.32 %any : PSK "1234" | 10.84.252.32 %any : PSK "1234" | ||
+ | |||
+ | '''Wichtig dieser Eintrag muss am Ende stehen''' | ||
==XL2TP== | ==XL2TP== | ||
cat /etc/xl2tpd/xl2tpd.conf | cat /etc/xl2tpd/xl2tpd.conf | ||
− | + | <pre> | |
[global] | [global] | ||
− | |||
− | |||
− | |||
ipsec saref = yes | ipsec saref = yes | ||
debug avp = yes | debug avp = yes | ||
Zeile 31: | Zeile 32: | ||
debug state = yes | debug state = yes | ||
debug tunnel = yes | debug tunnel = yes | ||
− | + | ||
[lns default] | [lns default] | ||
ip range = 10.1.2.2-10.1.2.255 | ip range = 10.1.2.2-10.1.2.255 | ||
Zeile 41: | Zeile 42: | ||
pppoptfile = /etc/ppp/options.xl2tpd | pppoptfile = /etc/ppp/options.xl2tpd | ||
length bit = yes | length bit = yes | ||
+ | </pre> | ||
==PPP== | ==PPP== | ||
cat /etc/ppp/options.xl2tpd | cat /etc/ppp/options.xl2tpd | ||
− | + | <pre> | |
require-mschap-v2 | require-mschap-v2 | ||
ms-dns 192.168.240.21 | ms-dns 192.168.240.21 | ||
Zeile 50: | Zeile 52: | ||
asyncmap 0 | asyncmap 0 | ||
auth | auth | ||
− | crtscts | + | #crtscts nicht vorhanden in 5.6.2-1ubuntu2.4 |
− | lock | + | #lock nicht vorhanden in 5.6.2-1ubuntu2.4 |
hide-password | hide-password | ||
− | modem | + | #modem nicht vorhanden in 5.6.2-1ubuntu2.4 |
#for ppp3 | #for ppp3 | ||
unit 3 | unit 3 | ||
Zeile 61: | Zeile 63: | ||
lcp-echo-interval 30 | lcp-echo-interval 30 | ||
lcp-echo-failure 4 | lcp-echo-failure 4 | ||
− | + | </pre> | |
cat /etc/ppp/chap-secrets | cat /etc/ppp/chap-secrets | ||
− | + | <pre> | |
xinux l2tpd "geheimes-passwort" * | xinux l2tpd "geheimes-passwort" * | ||
#l2tpd xinux "geheimes-passwort" * | #l2tpd xinux "geheimes-passwort" * | ||
+ | </pre> | ||
+ | |||
+ | =Starten= | ||
+ | *systemctl restart strongswan | ||
+ | *systemctl restart xl2tpd |
Aktuelle Version vom 12. November 2019, 11:48 Uhr
Installation
apt-get install xl2tpd ppp strongswan
strongswan
ipsec.conf complete
conn l2tp keyexchange=ikev1 left=10.84.252.32 auto=add authby=secret type=transport leftprotoport=17/1701 rightprotoport=17/%any right=%any
ipsec.secrets complete
cat /etc/ipsec.secrets
10.84.252.32 %any : PSK "1234"
Wichtig dieser Eintrag muss am Ende stehen
XL2TP
cat /etc/xl2tpd/xl2tpd.conf
[global] ipsec saref = yes debug avp = yes debug network = yes debug state = yes debug tunnel = yes [lns default] ip range = 10.1.2.2-10.1.2.255 local ip = 10.1.2.1 refuse chap = yes refuse pap = yes require authentication = yes ppp debug = yes pppoptfile = /etc/ppp/options.xl2tpd length bit = yes
PPP
cat /etc/ppp/options.xl2tpd
require-mschap-v2 ms-dns 192.168.240.21 ms-dns 192.168.240.22 asyncmap 0 auth #crtscts nicht vorhanden in 5.6.2-1ubuntu2.4 #lock nicht vorhanden in 5.6.2-1ubuntu2.4 hide-password #modem nicht vorhanden in 5.6.2-1ubuntu2.4 #for ppp3 unit 3 debug name l2tpd proxyarp lcp-echo-interval 30 lcp-echo-failure 4
cat /etc/ppp/chap-secrets
xinux l2tpd "geheimes-passwort" * #l2tpd xinux "geheimes-passwort" *
Starten
- systemctl restart strongswan
- systemctl restart xl2tpd