安装l2tp
sudo apt install xl2tpd
sudo apt install strongswan
sudo add-apt-repository ppa:nm-l2tp/network-manager-l2tp
sudo apt install network-manager-l2tp
修改配置文件
然后是配置部分了,需要用sudo权限来修改下面几个文件:
(1) 编辑/etc/
conn L2TP-IPSEC
authby=secret
auto=add
keyingtries=3
ikelifetime=8h
keylife=1h
ike=aes128-sha256-modp3072
esp=aes128-sha256
type=transport
#Replace IP address with your current IP used for L2TP connection
left=192.168.10.162
leftsubnet=192.168.10.0/24[17/1701]
#Replace IP address with the remote end to connect this server
right=192.168.2.0/24
rightsubnet=192.168.2.0/24[17/%any]
dpddelay=30s
dpdtimeout=150s
dpdaction=clear
(2) 编辑/etc/,设置ipsec的预共享秘钥
# This file holds shared secrets or RSA private keys for authentication.
# RSA private key for this host, authenticating it to any other host
# which knows the public part.
#the selector is optional
192.168.10.162 192.168.2.0/24 : PSK "anyk-xgpon-unicom"
(3) 编辑/etc/ppp/options.xl2tpd. l2tp是为PPP(point to point protocol)提供隧道服务的,所以ppp相关的配置也要设置。
require-mschap-v2
refuse-mschap
ms-dns 127.0.0.53
asyncmap 0
auth
crtscts
idle 1800
mtu 1410
mru 1410
hide-password
local
modem
lock
name l2tpd
connect-delay 5000
lcp-echo-interval 30
lcp-echo-failure 4
(4)编辑/etc/xl2tpd/
[global]
ipsec saref = no
debug tunnel = no
debug avp = no
debug network = no
debug state = no
access control = no
rand source = dev
port = 1701
auth file = /etc/ppp/chap-secrets
[lns default]
ip range = 192.168.18.1 - 192.168.18.254
local ip = 192.168.18.162
name = l2tp
pass peer = yes
refuse pap = yes
refuse chap = yes
require authentication = yes
ppp debug = no
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
lns是指L2TP network server,即本机。和它对应的另一端是lac,即L2TP access concentrator,可以理解为客户端。
ip range是指lns在和lac建立连接后,将给其分配的地址区间。
local ip是指lns给本机分配的ip address
(5)编辑/etc/ppp/chap-secrets,填写客户端连接时的用户名和密码
# Secrets for authentication using CHAP
# client server secret IP addresses
test * 123456 *
最后,重启xl2tpd和ipsec服务
$sudo service xl2tpd restart
$sudo service ipsec restart
这个l2tp服务器应该已经运行起来了。查看其运行状态
$sudo service xl2tpd status