Xl2tpd-strongswan: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(→PPP) |
|||
(3 dazwischenliegende Versionen von 2 Benutzern werden nicht angezeigt) | |||
Zeile 15: | Zeile 15: | ||
right=%any | right=%any | ||
+ | ===ipsec.secrets complete=== | ||
cat /etc/ipsec.secrets | cat /etc/ipsec.secrets | ||
10.84.252.32 %any : PSK "1234" | 10.84.252.32 %any : PSK "1234" | ||
+ | |||
+ | '''Wichtig dieser Eintrag muss am Ende stehen''' | ||
==XL2TP== | ==XL2TP== | ||
Zeile 49: | Zeile 52: | ||
asyncmap 0 | asyncmap 0 | ||
auth | auth | ||
− | crtscts | + | #crtscts nicht vorhanden in 5.6.2-1ubuntu2.4 |
− | lock | + | #lock nicht vorhanden in 5.6.2-1ubuntu2.4 |
hide-password | hide-password | ||
− | modem | + | #modem nicht vorhanden in 5.6.2-1ubuntu2.4 |
#for ppp3 | #for ppp3 | ||
unit 3 | unit 3 | ||
Zeile 66: | Zeile 69: | ||
#l2tpd xinux "geheimes-passwort" * | #l2tpd xinux "geheimes-passwort" * | ||
</pre> | </pre> | ||
+ | |||
+ | =Starten= | ||
+ | *systemctl restart strongswan | ||
+ | *systemctl restart xl2tpd |
Aktuelle Version vom 12. November 2019, 11:48 Uhr
Installation
apt-get install xl2tpd ppp strongswan
strongswan
ipsec.conf complete
conn l2tp keyexchange=ikev1 left=10.84.252.32 auto=add authby=secret type=transport leftprotoport=17/1701 rightprotoport=17/%any right=%any
ipsec.secrets complete
cat /etc/ipsec.secrets
10.84.252.32 %any : PSK "1234"
Wichtig dieser Eintrag muss am Ende stehen
XL2TP
cat /etc/xl2tpd/xl2tpd.conf
[global] ipsec saref = yes debug avp = yes debug network = yes debug state = yes debug tunnel = yes [lns default] ip range = 10.1.2.2-10.1.2.255 local ip = 10.1.2.1 refuse chap = yes refuse pap = yes require authentication = yes ppp debug = yes pppoptfile = /etc/ppp/options.xl2tpd length bit = yes
PPP
cat /etc/ppp/options.xl2tpd
require-mschap-v2 ms-dns 192.168.240.21 ms-dns 192.168.240.22 asyncmap 0 auth #crtscts nicht vorhanden in 5.6.2-1ubuntu2.4 #lock nicht vorhanden in 5.6.2-1ubuntu2.4 hide-password #modem nicht vorhanden in 5.6.2-1ubuntu2.4 #for ppp3 unit 3 debug name l2tpd proxyarp lcp-echo-interval 30 lcp-echo-failure 4
cat /etc/ppp/chap-secrets
xinux l2tpd "geheimes-passwort" * #l2tpd xinux "geheimes-passwort" *
Starten
- systemctl restart strongswan
- systemctl restart xl2tpd