IPSEC


IPSEC

iPhone 4 with iOS 5.1.1

Working config with openswan & xl2tpd :

/etc/ipsec.conf



# /etc/ipsec.conf (Openswan), global part: file format version and
# daemon-wide settings that apply to every conn defined further down.
version	2.0

config setup
		# Directory in which the pluto IKE daemon is allowed to dump core.
		dumpdir=/var/run/pluto/
		# Enable NAT traversal so peers behind a NAT device (the usual case
		# for a phone) can negotiate UDP-encapsulated ESP.
		nat_traversal=yes
		# Address ranges a NATed peer may claim as its inner ("virtual") address.
		# NOTE(review): Openswan's documentation advises excluding the subnet
		# used behind the server itself with a %v4:!<subnet> entry. No exclusion
		# is present, and left= in conn iphone lies inside 192.168.0.0/16 -
		# confirm whether one is needed here.
		# NOTE(review): this list is presumably only consulted by conns that set
		# rightsubnet=vhost:...; conn iphone does not - verify it has any effect.
		virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v6:fd00::/8,%v6:fe80::/10
		# Opportunistic encryption off: only explicitly configured conns are used.
		oe=off
		# Use the kernel's native IPsec stack (NETKEY) rather than KLIPS.
		protostack=netkey

# Defaults inherited by every conn: dead peer detection (DPD), so that
# state for a client that vanished (sleep, network change) is cleaned up.
conn %default
		# When the peer is declared dead, delete its SAs and routes.
		dpdaction=clear
		# Seconds between DPD keepalive probes on an otherwise idle tunnel.
		dpddelay=10
		# Seconds without any answer after which the peer counts as dead.
		dpdtimeout=30

# Road-warrior connection for the L2TP/IPsec client: IPsec protects only
# UDP port 1701 (L2TP) between this host and whichever peer connects.
# NOTE(review): ipsec.conf(5) promises to ignore empty lines only outside a
# section. If the separator lines below are truly empty in the deployed file
# (not whitespace-only), check that the parser still attaches the parameters
# after them to this conn.
# NOTE(review): no type= is given, so the default applies; L2TP/IPsec setups
# are usually written with type=transport - confirm against the running setup.
conn iphone
		# Local endpoint. A private address, so the host presumably sits behind
		# a NAT/port-forward - TODO confirm.
		left=192.168.0.252
		# Local traffic selector: IP protocol 17 (UDP), port 1701 (L2TP).
		leftprotoport=17/1701

		# Accept the connection from any remote address.
		right=%any
		# Remote traffic selector: UDP from any source port.
		rightprotoport=17/%any

		# Authenticate IKE with a pre-shared key (kept in ipsec.secrets, not
		# shown on this page). Combined with right=%any, every client shares
		# the same key: it must be long and random, and anyone holding it can
		# pass the IPsec layer, leaving the PPP/CHAP login as the only per-user
		# check. Certificate authentication avoids the shared secret.
		authby=secret

		# Do not require Perfect Forward Secrecy when keying the IPsec SAs.
		# NOTE(review): presumably set for client compatibility - confirm it is
		# still needed, since pfs=yes limits the damage of a key compromise.
		pfs=no
		# Load the conn at startup but never initiate; wait for the client.
		auto=add

/etc/xl2tpd/xl2tpd.conf

; /etc/xl2tpd/xl2tpd.conf, daemon-wide section.
; Every debug category below is switched on, which is useful while bringing
; the tunnel up but logs tunnel, state, AVP, packet and network detail for
; each session. Review whether these should stay enabled once the setup
; works, and who can read the resulting logs.
; NOTE(review): nothing on this page limits UDP/1701 to traffic that arrived
; through IPsec; confirm a firewall rule does, otherwise the L2TP service is
; also reachable unencrypted.
[global]
debug tunnel = yes
debug state = yes
debug avp = yes
debug packet = yes
debug network = yes

; L2TP Network Server definition: address pool, PPP authentication policy
; and the pppd options file used for every incoming session.
[lns default]
; Pool of addresses handed to connecting clients.
ip range = 192.168.1.1 - 192.168.1.253
; Server-side address of each PPP link.
local ip = 192.168.1.254
; Require the peer to authenticate with CHAP and refuse PAP, so the
; password itself is never sent over the PPP link.
; NOTE(review): plain CHAP presumably needs the secrets stored in clear text
; in /etc/ppp/chap-secrets - verify that file's ownership and mode.
require chap = yes
refuse pap = yes
; Peers that do not authenticate are rejected.
require authentication = yes
; Name this LNS uses during authentication.
; TODO confirm whether chap-secrets entries have to reference this name.
name = OpenswanVPN
; Turns on pppd debugging for sessions started by xl2tpd (verbose logs).
ppp debug = yes
; pppd options are read from this file.
pppoptfile = /etc/ppp/options.xl2tpd
; Set the length bit in L2TP payload packets.
length bit = yes

/etc/ppp/options.xl2tpd

# /etc/ppp/options.xl2tpd: pppd options applied to every L2TP session.
# DNS and WINS servers announced to the client.
ms-dns 192.168.0.252
ms-dns 192.168.0.251
ms-wins 192.168.0.252
# Disable CCP (compression control protocol) negotiation.
noccp
# Require the peer to authenticate before network traffic is allowed.
auth
# Hardware (RTS/CTS) flow control; a serial-line option.
# NOTE(review): presumably has no effect on the pseudo-tty xl2tpd uses - confirm.
crtscts
# Drop the link after 1800 seconds without traffic.
idle 1800
# Keep PPP frames at 1400 bytes to leave room for L2TP/IPsec encapsulation.
mtu 1400
mru 1400
# Never install a default route through the PPP link on the server.
nodefaultroute
# Log the contents of PPP control packets. Together with the logfile below
# this records negotiation detail for every session; review whether it should
# stay on once the setup works.
debug
# Create a UUCP-style lock file for the device.
lock
# Publish a proxy ARP entry for the client's address on the server's LAN so
# that hosts there can reach it.
proxyarp
# Wait up to 5000 ms for a valid PPP packet from the peer after connecting.
connect-delay 5000
# Append pppd log output to this file.
# NOTE(review): check the file's permissions and rotation, since debug is on.
logfile /var/log/pppd-xl2tpd.log

Working config with pure openswan :

ATTENTION: every entry in /etc/ipsec.d/passwd MUST end with the connection name as its last field