Xl2tpd-strongswan: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(→XL2TP) |
(→XL2TP) |
||
Zeile 23: | Zeile 23: | ||
[global] | [global] | ||
− | ipsec saref = yes | + | ipsec saref = yes |
− | debug avp = yes | + | debug avp = yes |
− | debug network = yes | + | debug network = yes |
− | debug state = yes | + | debug state = yes |
− | debug tunnel = yes | + | debug tunnel = yes |
− | [lns default] | + | [lns default] |
− | ip range = 10.1.2.2-10.1.2.255 | + | ip range = 10.1.2.2-10.1.2.255 |
− | local ip = 10.1.2.1 | + | local ip = 10.1.2.1 |
− | refuse chap = yes | + | refuse chap = yes |
− | refuse pap = yes | + | refuse pap = yes |
− | require authentication = yes | + | require authentication = yes |
− | ppp debug = yes | + | ppp debug = yes |
− | pppoptfile = /etc/ppp/options.xl2tpd | + | pppoptfile = /etc/ppp/options.xl2tpd |
− | length bit = yes | + | length bit = yes |
==PPP== | ==PPP== |
Version vom 5. Juli 2017, 14:11 Uhr
Installation
apt-get install xl2tpd ppp strongswan
strongswan
ipsec.conf complete
conn l2tp keyexchange=ikev1 left=10.84.252.32 auto=add authby=secret type=transport leftprotoport=17/1701 rightprotoport=17/%any right=%any
cat /etc/ipsec.secrets 10.84.252.32 %any : PSK "1234"
XL2TP
cat /etc/xl2tpd/xl2tpd.conf
[global] ipsec saref = yes debug avp = yes debug network = yes debug state = yes debug tunnel = yes
[lns default] ip range = 10.1.2.2-10.1.2.255 local ip = 10.1.2.1 refuse chap = yes refuse pap = yes require authentication = yes ppp debug = yes pppoptfile = /etc/ppp/options.xl2tpd length bit = yes
PPP
cat /etc/ppp/options.xl2tpd require-mschap-v2 ms-dns 192.168.240.21 ms-dns 192.168.240.22 asyncmap 0 auth crtscts lock hide-password modem #for ppp3 unit 3 debug name l2tpd proxyarp lcp-echo-interval 30 lcp-echo-failure 4
cat /etc/ppp/chap-secrets xinux l2tpd "geheimes-passwort" * #l2tpd xinux "geheimes-passwort" *