daily pastebin goal
46%
SHARE
TWEET

Untitled

a guest Apr 16th, 2018 96 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Configure strongSwan:
  2.  
  3. cat > /etc/ipsec.conf <<EOF
  4. # ipsec.conf - strongSwan IPsec configuration file
  5.  
  6. # basic configuration
  7.  
  8. config setup
  9.   # strictcrlpolicy=yes
  10.   # uniqueids = no
  11.  
  12. # Add connections here.
  13.  
  14. # Sample VPN connections
  15.  
  16. conn %default
  17.   ikelifetime=60m
  18.   keylife=20m
  19.   rekeymargin=3m
  20.   keyingtries=1
  21.   keyexchange=ikev1
  22.   authby=secret
  23.   ike=aes128-sha1-modp1024,3des-sha1-modp1024!
  24.   esp=aes128-sha1-modp1024,3des-sha1-modp1024!
  25.  
  26. conn myvpn
  27.   keyexchange=ikev1
  28.   left=%defaultroute
  29.   auto=add
  30.   authby=secret
  31.   type=transport
  32.   leftprotoport=17/1701
  33.   rightprotoport=17/1701
  34.   right=$VPN_SERVER_IP
  35. EOF
  36.  
  37. cat > /etc/ipsec.secrets <<EOF
  38. : PSK "$VPN_IPSEC_PSK"
  39. EOF
  40.  
  41. chmod 600 /etc/ipsec.secrets
  42.  
  43. # For CentOS/RHEL & Fedora ONLY
  44. mv /etc/strongswan/ipsec.conf /etc/strongswan/ipsec.conf.old 2>/dev/null
  45. mv /etc/strongswan/ipsec.secrets /etc/strongswan/ipsec.secrets.old 2>/dev/null
  46. ln -s /etc/ipsec.conf /etc/strongswan/ipsec.conf
  47. ln -s /etc/ipsec.secrets /etc/strongswan/ipsec.secrets
  48. Configure xl2tpd:
  49.  
  50. cat > /etc/xl2tpd/xl2tpd.conf <<EOF
  51. [lac myvpn]
  52. lns = $VPN_SERVER_IP
  53. ppp debug = yes
  54. pppoptfile = /etc/ppp/options.l2tpd.client
  55. length bit = yes
  56. EOF
  57.  
  58. cat > /etc/ppp/options.l2tpd.client <<EOF
  59. ipcp-accept-local
  60. ipcp-accept-remote
  61. refuse-eap
  62. require-chap
  63. noccp
  64. noauth
  65. mtu 1280
  66. mru 1280
  67. noipdefault
  68. defaultroute
  69. usepeerdns
  70. connect-delay 5000
  71. name $VPN_USER
  72. password $VPN_PASSWORD
  73. EOF
  74.  
  75. chmod 600 /etc/ppp/options.l2tpd.client
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top