Displaying keyword search results 1 - 3
Created by magnum on September 27, 2011 11:57:49 Last update: October 05, 2011 12:20:00
This procedure sets up an IPsec VPN server on Linux with a preshared key (PSK) using Openswan.

Install Openswan:
    # yum install openswan

Edit /etc/ipsec.conf. This is about the minimum needed to run an IPsec server. Instead of running L2TP on port 1701, I'm running TCP on port 8080 so that I can test the setup with nc later.
    # /etc/ipsec.conf - Openswan IPsec configurati...

Edit /etc/ipsec.secrets.
    # # Preshared key for clients connecting from a...

Start IPsec:
    # /etc/init.d/ipsec start

Check status:
    # ipsec auto --status

Monitor the IPsec log:
    # less /var/log/secure

If IPsec is running KLIPS, you should see a new NIC (ipsec0). There's no ipsec0 if IPsec is running NETKEY.
    # ifconfig
    eth0 Link encap:Ethernet HWadd...

Created by magnum on September 28, 2011 09:31:58 Last update: September 28, 2011 09:31:58
This procedure works for xl2tpd.

Edit the L2TP configuration file /etc/xl2tpd/xl2tpd.conf:
    ; ; This is a minimal sample xl2tpd configurati...

Edit the PPP options file for L2TP, /etc/ppp/options.xl2tpd.client:
    ipcp-accept-local ipcp-accept-remote refuse-...

Edit the PPP authentication file /etc/ppp/chap-secrets:
    # Secrets for authentication using CHAP
    # serve...

Start xl2tpd:
    # /etc/init.d/xl2tpd start

Connect to the server:
    # echo "c vpnserver" >/var/run/xl2tpd/l2tp-control

Tail /var/log/messages; you should see something like:
    Sep 28 11:05:46 sta101894 pppd: pppd 2.4.5 ...

ifconfig should show that ppp0 is added:
    # ifconfig ppp0
    ppp0 Link encap:Point-to-P...

To tear down the VPN:
    # echo "d vpnserver" >/var/run/xl2tpd/l2tp-control

If authentication fails, try to set "require authentication" to no on both server and client and restart xl2tpd on both sides:
    # /etc/init.d/xl2tpd restart
    # echo "c vpnserve......

Created by magnum on September 27, 2011 12:55:51 Last update: September 27, 2011 12:55:51
These steps set up a Linux host as an IPsec client, using Openswan.

Install Openswan:
    # yum install openswan

Edit /etc/ipsec.conf. Instead of L2TP on port 1701, I'm setting up TCP on port 8080 so that I can test the connection with nc.
    # /etc/ipsec.conf - Openswan IPsec configuration f...

Edit /etc/ipsec.secrets.
    # include /etc/ipsec.d/*.secrets
    192.168.0.101 ...

Start IPsec:
    # /etc/init.d/ipsec start

Connect to the IPsec server:
    # ipsec auto --up TCP8080-PSK-CLIENT
    104 "TCP80...