xl2tpd, openswan都是通过apt-get 直接安装
/etc/ipsec.conf内容如下:
代码:
# Openswan /etc/ipsec.conf for an L2TP/IPsec responder (transport mode, pre-shared key).
# NOTE(review): parameter lines must be indented under their "config"/"conn" header
# in the real file; the indentation appears to have been lost in this listing.
version 2.0
config setup
# Enable NAT traversal so clients behind NAT can negotiate.
nat_traversal=yes
# Private ranges a NATed client may present as its own address (consumed by vhost:%priv below).
# NOTE(review): 10.0.0.0/8 also covers the 10.85.91.0/24 pool that xl2tpd hands out;
# server-side ranges are normally excluded with a %v4:!<net> entry - confirm.
virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
# Opportunistic encryption off.
oe=off
# Use the kernel's native (NETKEY) IPsec stack.
protostack=netkey
# Variant for clients behind NAT; everything else is inherited from L2TP-PSK-noNAT.
conn L2TP-PSK-NAT
rightsubnet=vhost:%priv
also=L2TP-PSK-noNAT
conn L2TP-PSK-noNAT
# Peers authenticate with the pre-shared key from /etc/ipsec.secrets.
authby=secret
# Perfect forward secrecy is not required for the IPsec SA.
# NOTE(review): often set for client compatibility; enable it if all clients support PFS.
pfs=no
# Load the connection and wait for the client to initiate.
auto=add
keyingtries=3
# The server does not start rekeying; the client is expected to.
rekey=no
# Dead peer detection: probe every 10 s, give up after 90 s, then clear the SA.
dpddelay=10
dpdtimeout=90
dpdaction=clear
ikelifetime=8h
keylife=1h
# Transport mode: only the L2TP traffic between the two hosts is protected.
type=transport
left=192.168.100.250
# Protect UDP (protocol 17) port 1701 on the server side, i.e. L2TP.
# SECURITY NOTE(review): this conn only describes what is protected once a peer
# negotiates an SA. Nothing in this file drops cleartext packets sent to UDP 1701,
# so xl2tpd appears to stay reachable without IPsec - consistent with the reported
# symptom of connecting without a PSK. Restrict UDP 1701 in the host firewall to
# IPsec-protected packets (e.g. the iptables "policy" match: -m policy --dir in --pol ipsec)
# and drop the rest.
leftprotoport=17/1701
# Accept any client address and any client UDP source port.
right=%any
rightprotoport=17/%any
/etc/ipsec.secrets内容如下:
代码:
# Pre-shared key used between 192.168.100.250 and any peer (%any).
# SECURITY NOTE(review): "test" is a trivially guessable value; use a long random
# secret and keep this file readable by root only.
192.168.100.250 %any: PSK "test"
/etc/xl2tpd/xl2tpd.conf内容:
代码:
; xl2tpd L2TP network server (LNS) settings.
; SECURITY NOTE(review): nothing in this file ties L2TP sessions to an IPsec SA.
; Unless the host firewall only admits UDP 1701 packets that arrived through IPsec,
; a client can reach this daemon directly and skip the PSK entirely.
[global]
; NOTE(review): SAref tracking needs kernel support that the stock NETKEY stack
; (protostack=netkey in ipsec.conf) is not known to provide - confirm; this is
; commonly set to "no" in that case.
ipsec saref = yes
[lns default]
; Address pool handed to clients, and the server's own end of each PPP link.
ip range = 10.85.91.100-10.85.91.254
local ip = 10.85.91.1
; CHAP and PAP are refused here; the PPP options file requires MS-CHAPv2 instead.
refuse chap = yes
refuse pap = yes
; The client must authenticate at the PPP layer.
require authentication = yes
; Verbose PPP logging; review whether it should stay enabled outside troubleshooting.
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
/etc/ppp/options.xl2tpd内容:
代码:
# pppd options used by xl2tpd for each L2TP session.
# The peer must authenticate with MS-CHAPv2.
# SECURITY NOTE(review): no MPPE option is set, so PPP itself is unencrypted;
# confidentiality depends entirely on the IPsec layer actually being enforced.
require-mschap-v2
# DNS servers pushed to clients; client lookups will go to these resolvers,
# so confirm they are ones you intend to trust.
ms-dns 199.91.73.222
ms-dns 178.79.131.110
asyncmap 0
# Require the peer to authenticate before network traffic is allowed.
auth
# NOTE(review): crtscts, lock and modem are serial-line options; presumably
# carried over from a template - confirm they are needed here.
crtscts
lock
# Keep passwords out of the log output.
hide-password
modem
# Verbose pppd logging.
debug
# Local name used for authentication; presumably the server field matched in chap-secrets.
name l2tpd
proxyarp
# Send an LCP echo every 30 s and treat the peer as dead after 4 unanswered echoes.
lcp-echo-interval 30
lcp-echo-failure 4
运行后,从客户端可以不输入PSK直接连接VPN。找来找去,没找到解决方法。