VPN

[admin]

https://help.ubuntu.com/community/CategoryVPN

- PPTP

Package
pptpd

Config file
/etc/pptpd.conf

โค๊ด: [Select]

option /etc/ppp/pptpd-options
logwtmp
localip 192.168.0.1
remoteip 192.168.0.101-200
connections 200
/etc/ppp/pptpd-options

โค๊ด: [Select]

name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 8.8.8.8
ms-dns 8.8.4.4
#proxyarp
nodefaultroute
lock
nobsdcomp
mtu 1200
mru 1200
#plugin radius.so
#plugin radattr.so
lcp-echo-failure 50
/etc/ppp/chap-secrets

โค๊ด: [Select]

vpnuser * vpnpass *

- L2TP/IPSEC

Package
xl2tpd openswan

Config file
/etc/ipsec.conf

โค๊ด: [Select]

version 2

config setup
    dumpdir=/var/run/pluto/
    nat_traversal=yes
    virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v6:fd00::/8,%v6:fe80::/10
    protostack=netkey
    force_keepalive=yes
    keep_alive=60

conn L2TP-PSK-noNAT
    authby=secret
    pfs=no
    auto=add
    keyingtries=3
    ikelifetime=8h
    keylife=1h
    ike=aes256-sha1,aes128-sha1,3des-sha1
    phase2alg=aes256-sha1,aes128-sha1,3des-sha1
    type=transport
    left=<IP SERVER>
    leftprotoport=17/1701
    right=%any
    rightprotoport=17/%any
    dpddelay=10
    dpdtimeout=20
    dpdaction=clear

/etc/ipsec.secrets

โค๊ด: [Select]

include /var/lib/openswan/ipsec.secrets.inc

<IPSERVER>   %any:  PSK "ipsecsecretkey"

/etc/xl2tpd/xl2tpd.conf

โค๊ด: [Select]

[global]
ipsec saref = no

[lns default]
ip range = 10.152.2.2-10.152.2.254
local ip = 10.152.2.1
require chap = yes
refuse pap = yes
require authentication = yes
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes

/etc/xl2tpd/l2tp-secrets

โค๊ด: [Select]

* * l2tpsecret

/etc/ppp/options.xl2tpd

โค๊ด: [Select]

refuse-mschap-v2
refuse-mschap
ms-dns 8.8.8.8
ms-dns 8.8.4.4
asyncmap 0
auth
crtscts
idle 1800
mtu 1200
mru 1200
lock
hide-password
local
#debug
name l2tpd
proxyarp
lcp-echo-interval 30
lcp-echo-failure 4

/etc/ppp/chap-secrets

โค๊ด: [Select]

l2tpuser * l2tppass *