本文主要是介绍Ubuntu20.04 搭建L2TP+IPsec客户端,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
1 安装
安装l2tp和strongswan。
sudo apt install xl2tpd
sudo apt install strongswan
2 ipsec配置
1)编辑**/etc/ipsec.conf**
conn myvpnauto=addauthby=secrettype=transportleft=%defaultrouteleftprotoport=17/1701rightprotoport=17/1701# 服务器公网地址right=10.25.X.Xforceencaps=yeskeyexchange=ikev2ike=chacha20poly1305-sha512-curve25519-prfsha512esp=chacha20poly1305-sha512
2)编辑**/etc/ipsec.secrets** , 设置ipsec的预共享秘钥,
# This file holds shared secrets or RSA private keys for authentication.# RSA private key for this host, authenticating it to any other host
# which knows the public part.
: PSK "123456"
配置完后修改权限
chmod 600 /etc/ipsec.secrets
3 l2tp配置
编辑**/etc/xl2tpd/xl2tpd.conf**
[lac myvpn]
# vpn用户名
name = root
# 服务器地址
lns = 10.25.X.X
ppp debug = yes
#
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
4 ppp配置
编辑PPP配置文件(例如上文中的**/etc/ppp/options.l2tpd.client**)。
ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-chap
noccp
noauth
mtu 1280
mru 1280
noipdefault
defaultroute
usepeerdns
connect-delay 5000
# vpn用户名
name "root"
# vpn密码
password "root"
配置完后修改权限
chmod 600 /etc/ppp/options.l2tpd.client
5 启动脚本
# 创建xl2tpd控制文件
mkdir -p /var/run/xl2tpd
touch /var/run/xl2tpd/l2tp-control# 停止已开启的VPN连接
echo "d myvpn" > /var/run/xl2tpd/l2tp-control
ipsec down myvpn# 重启ipsec
ipsec restart
service xl2tpd restart# 启动vpn
ipsec up myvpn
echo "c myvpn" > /var/run/xl2tpd/l2tp-controlsleep 10# 添加指向vpn服务器私有地址的路由
route add -net 192.168.100.0 netmask 255.255.255.0 gw 192.168.100.210
这篇关于Ubuntu20.04 搭建L2TP+IPsec客户端的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!
