1. Installing Openswan
apt-get install openswan
2. Open the /etc/ipsec.conf file and make the following configuration:
Here virtual_private contains the network address ranges allowed as the subnet on which the remote client resides. In other words, these address ranges should be the addresses of the clients behind the NAT router.
The ikelifetime and keylife settings are consistent with the default settings for Windows.
Replace %your_server_ip% with the IP of this server.
To support old clients, you need to set leftprotoport=17/%any; otherwise you can set leftprotoport=17/1701.
Important note: in your ipsec.conf file, the "config setup" and "L2TP-PSK-NAT" section lines must start at the beginning of the line with no indentation, while the other lines should be indented with 8 spaces.
3. Open /etc/ipsec.secrets and configure:
Replace %your_server_ip% with the IP of this server. Do not delete any of the preceding %. "this_is_your_psk" is a pre-shared key.
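A pre-flight check for the two files edited in steps 2 and 3, added here as an example and not part of the original tutorial: it flags the indentation mistakes described in the note above and any %name% placeholder that was left unreplaced. The function names and the sample file are constructed for illustration.

```sh
#!/bin/sh
# Added example: lint ipsec.conf (and ipsec.secrets) before restarting IPsec.

# Lines that still carry a %name% template placeholder. Openswan keywords
# such as %any or %v4:10.0.0.0/8 have no closing % and are not reported.
find_placeholders() {
    grep -nE '%[A-Za-z_][A-Za-z0-9_]*%' "$1"
}

# Lines that break the layout rule: "config"/"conn" headers start in
# column 1, every other non-blank, non-comment line is indented.
find_layout_errors() {
    awk '
        /^[ \t]*#/ { next }                          # comment line
        /^[ \t]*$/ { next }                          # blank line
        /^[ \t]+(config|conn)[ \t]/ {
            print NR ": section header must not be indented"; next }
        /^(version|config|conn|include)[ \t]/ { next }
        /^[^ \t]/ { print NR ": parameter line must be indented" }
    ' "$1"
}

# Print all findings for one file; return 1 if there were any.
lint_ipsec() {
    findings=$(find_layout_errors "$1"
               find_placeholders "$1" | sed 's/^/unreplaced placeholder, line /')
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}

# Constructed sample with three deliberate mistakes (not the tutorial's file).
write_sample() {
    cat > "$1" <<'EOF'
version 2.0
config setup
        nat_traversal=yes
        virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16
  conn L2TP-PSK-NAT
authby=secret
        left=%your_server_ip%
        leftprotoport=17/1701
        right=%any
EOF
}

sample=$(mktemp) && write_sample "$sample"
lint_ipsec "$sample" || echo "fix the lines above before starting ipsec"
rm -f "$sample"
```

Run lint_ipsec /etc/ipsec.conf on the server; find_placeholders alone is enough for /etc/ipsec.secrets, which has no indentation rule.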
4. Start the IPSec service to verify that IPSec is working correctly:
/etc/init.d/ipsec start or service ipsec restart
ipsec verify
The above configuration has been tested and runs normally. If "SAref kernel support" shows [N/A], other tutorials say that setting ipsec saref = no in xl2tpd.conf fixes it; in my tests this did not work, but the [N/A] status does not affect VPN setup and use.
5. Under /etc/init.d, create a file named ipsec.vpn with the following content:
This configures firewall forwarding. Remember to change the local IP address pool 10.1.2.0/24 in the above file to your own.
Then set the executable permission on this file: chmod 755 ipsec.vpn
Disable the default IPsec service script from running: update-rc.d -f ipsec remove
Then enable the one we just customized: update-rc.d ipsec.vpn defaults
6. Install L2TP: apt-get install xl2tpd
Modify /etc/xl2tpd/xl2tpd.conf:
Replace %your_server_ip% with this server's IP
7. Open the file /etc/ppp/options.xl2tpd and make the following configuration:
Replace %your_dns_1% and %your_dns_2% with DNS servers that you can use
7. Open the file /etc/ppp/chap-secrets and make the following configuration:
User is the login username and pass is the login password.
server = the name defined in /etc/ppp/options.xl2tpd above; * matches any name.
IP addresses = * indicates that the user can connect from any address; otherwise, restrict the user to connecting only from a specific address.
8. Configure IP forwarding in /etc/sysctl.conf
The file contains so many comments that the statements are hard to find, so simply add the following statements at the end of the file:
Load the new configuration: sysctl -p
9. Start the VPN:
/etc/init.d/ipsec.vpn restart or service ipsec.vpn restart
/etc/init.d/xl2tpd restart or service xl2tpd restart
10. At this point, the VPN configuration is complete and you can test the connection. In testing, a phone connected normally and the Windows 10 operating system connected normally.
The Windows 8 operating system does not connect properly, for the following reason:
http://serverfault.com/questions/474742/simple-l2tp-ipsec-server-not-working-openswan-xl2tpd-ubuntu-windows
Workaround (not tested): https://support.microsoft.com/en-us/kb/926179
11. Debugging methods:
The log for the IPsec service is in /var/log/auth.log. The following record appears, stating that IPsec started successfully.
The xl2tpd service logs to /var/log/syslog. With the following configuration, its log can be written to a separate file:
Create a new file 20-xltpd.conf in /etc/rsyslog.d/ with the following content:
Then run service rsyslog restart; the xl2tpd logs are then written separately to /var/log/xl2tpd.log
You can use the following command on the server to monitor traffic: tcpdump -i eth0 host aaa.bbb.ccc.ddd and not port
Fix for the missing messages file in the Ubuntu logs: run vim /etc/rsyslog.d/50-default.conf, find the statement that outputs to messages, and uncomment it.
Some of the iptables configuration is shown in the following tutorials.
This article references these tutorials: https://linux.cn/article-3409-1.html
http://blog.atime.me/note/l2tp_ipsec_installation_on_ubuntu.html
Finally, it's important enough to say three times:
Don't delete the log files!
Don't delete the log files!
Do not delete log files casually!
Notes on building an L2TP server on Ubuntu 12.04.