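# Install the IPsec daemon (openswan), the L2TP daemon (xl2tpd), pppd and lsof.
yum install openswan xl2tpd ppp lsof

# Persist the kernel settings a VPN gateway needs:
#   ip_forward       - route packets between VPN clients and other networks.
#   accept_redirects - ignore ICMP redirects, which could reroute traffic.
#   send_redirects   - never emit ICMP redirects from this gateway.
# The "default" keys are included because ppp interfaces are created when a
# client connects and take their initial values from conf/default.
for setting in \
  "net.ipv4.ip_forward = 1" \
  "net.ipv4.conf.all.accept_redirects = 0" \
  "net.ipv4.conf.all.send_redirects = 0" \
  "net.ipv4.conf.default.accept_redirects = 0" \
  "net.ipv4.conf.default.send_redirects = 0"; do
  # Skip a line that is already present so a re-run does not duplicate it.
  grep -qxF -- "$setting" /etc/sysctl.conf ||
    printf '%s\n' "$setting" | tee -a /etc/sysctl.conf
done

# Apply the redirect settings to every interface that exists right now.
for vpn in /proc/sys/net/ipv4/conf/*; do
  echo 0 > "$vpn/accept_redirects"
  echo 0 > "$vpn/send_redirects"
done

# Load the values from /etc/sysctl.conf into the running kernel.
sysctl -p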
/etc/rc.local
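# Values written under /proc do not survive a reboot, so the redirect flags
# are cleared again on every interface each time rc.local runs.
for vpn in /proc/sys/net/ipv4/conf/*; do
  echo 0 > "$vpn/accept_redirects"
  echo 0 > "$vpn/send_redirects"
done

# Rewrite the source address of outgoing packets to the server's own address
# so replies return through this gateway. %SERVERIP% is a placeholder.
# NOTE(review): the rule has no -s or -o match, so it applies to every packet
# that reaches POSTROUTING, not only to VPN clients; consider limiting it to
# the client address pool handed out by xl2tpd.
iptables -t nat -A POSTROUTING -j SNAT --to-source %SERVERIP%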
%SERVERIP% — IP-адрес вашего VPN-сервера.
/etc/ipsec.conf
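version 2.0

config setup
    protostack=netkey
    nat_traversal=yes
    # Private address ranges that clients behind NAT may use.
    virtual_private=%v4:192.168.1.0/24
    # Opportunistic encryption is switched off.
    oe=off
    plutodebug=none
    plutostderrlog=/var/log/pluto.log
    interfaces=%defaultroute
    klipsdebug=none

conn L2TP-PSK
    # Pre-shared key authentication: the key is read from /etc/ipsec.secrets,
    # and the tunnel is only as strong as that key is long and random.
    authby=secret
    pfs=no
    auto=add
    keyingtries=3
    rekey=no
    # NOTE(review): L2TP/IPsec clients normally negotiate transport mode;
    # confirm that tunnel is intended here.
    type=tunnel
    # NOTE(review): SHA-1 and modp1024 (DH group 2) are legacy-strength
    # choices, presumably kept for built-in client compatibility; if every
    # client supports it, prefer a larger group such as modp2048.
    esp=aes256-sha1
    ike=aes256-sha-modp1024
    forceencaps=yes
    # Accept clients from any address.
    right=%any
    rightsubnet=vhost:%any,%priv
    rightprotoport=17/0
    left=%defaultroute
    # Protect only UDP (protocol 17) port 1701, the L2TP port.
    leftprotoport=17/1701
    # Dead peer detection: probe every 10 s, clear the SA after 90 s of silence.
    dpddelay=10
    dpdtimeout=90
    dpdaction=clear

/etc/ipsec.secrets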
; NOTE(review): the next two keys are global options, but no [global] header
; is visible on this page; confirm they sit under [global] in xl2tpd.conf.
; NOTE(review): SAref tracking depends on kernel support; confirm it works
; with the protostack selected in ipsec.conf.
ipsec saref = yes
; Presumably handles L2TP in userspace rather than in the kernel; verify.
force userspace = yes
[lns default]
; Pool of addresses handed to connecting clients.
ip range = 172.16.0.30-172.16.0.100
; Address of the server end of each PPP link.
local ip = 172.16.0.1
; Reject PAP, which carries the password in clear text inside the PPP session.
refuse pap = yes
; A peer must authenticate before its PPP link comes up.
require authentication = yes
ppp debug = no
; pppd options for these sessions are read from this file.
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
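/etc/ppp/options.xl2tpd
# Accept only MS-CHAPv2 from the peer. MS-CHAPv2 is weak on its own; here it
# relies on the IPsec layer underneath, so the pre-shared key must be strong.
require-mschap-v2
# DNS servers pushed to clients.
ms-dns 8.8.8.8
ms-dns 8.8.4.4
noproxyarp
asyncmap 0
# Require the peer to authenticate. Credentials are checked against
# /etc/ppp/chap-secrets, which stores passwords in clear text, so keep that
# file readable by root only.
auth
crtscts
lock
# Keep password strings out of logged PAP packets.
hide-password
modem
# NOTE(review): debug writes PPP negotiation detail to the log file below;
# restrict access to that file and drop this option once the setup works.
debug
logfile /var/log/ppp/ppp.log

/etc/ppp/chap-secrets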