Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- VPN_HOSTNAME="gateway.something.com"
- VPN_USERNAME="username"
- VPN_PASSWORD="password"
- VPN_KEY="imasupersecret"
- cat >/etc/ipsec.conf <<EOF
- config setup
- conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev1
- authby=secret
- ike=aes128-sha1-modp1024,3des-sha1-modp1024!
- esp=aes128-sha1-modp1024,3des-sha1-modp1024!
- conn vpnname
- keyexchange=ikev1
- left=%defaultroute
- auto=add
- authby=secret
- type=transport
- leftprotoport=17/1701
- rightprotoport=17/1701
- right=$VPN_HOSTNAME
- EOF
- cat >/etc/ipsec.secrets <<EOF
- : PSK $VPN_KEY
- EOF
- cat >/etc/xl2tpd/xl2tpd.conf <<EOF
- [lac vpnname]
- lns = $VPN_HOSTNAME
- ppp debug = yes
- pppoptfile = /etc/ppp/options.l2tpd.client
- length bit = yes
- bps = 1000000
- EOF
- cat >/etc/ppp/options.l2tpd.client <<EOF
- ipcp-accept-local
- ipcp-accept-remote
- refuse-eap
- require-pap
- noccp
- noauth
- idle 1800
- mtu 1410
- mru 1410
- defaultroute
- usepeerdns
- debug
- connect-delay 5000
- EOF
- echo "name $VPN_USERNAME" >>/etc/ppp/options.l2tpd.client
- echo "password $VPN_PASSWORD" >>/etc/ppp/options.l2tpd.client
- mkdir -p /var/run/xl2tpd
- touch /var/run/xl2tpd/l2tp-control
- for i in strongswan.service xl2tpd.service; do systemctl start $i; done
Add Comment
Please, Sign In to add comment