Linux L2TP配置手记(不包含ipsec)

因为PPTP的不稳定性，考虑采用L2TP替代。缺点是客户连接时需要修改注册表。

配置文件

vim /etc/xl2tpd/xl2tpd.conf

[global]

;listen-addr = 1.1.1.1

;

; requires openswan-2.5.18 or higher – Also does not yet work in combination

; with kernel mode l2tp as present in linux 2.6.23+

; ipsec saref = yes

; forceuserspace = yes

;

; debug tunnel = yes

auth file = /etc/ppp/chap-secrets

[lns default]

ip range = 192.168.8.11-192.168.8.250

local ip = 192.168.8.1

lac = 0.0.0.0-255.255.255.255

require chap = yes

refuse pap = yes

require authentication = yes

name = www.vpn38.net

pppoptfile = /etc/ppp/options.xl2tpd

length bit = yes

vim /etc/ppp/options.xl2tpd

ipcp-accept-local

ipcp-accept-remote

ms-dns  8.8.4.4

auth

crtscts

idle 1800

mru 1410

defaultroute

lock

proxyarp

connect-delay 5000

注意：在WIN下连接需要修改注册表，因为默认要用ipsec

安装

http://linuxexplore.wordpress.com/how-tos/l2tp-vpn-using-xl2tpd/

国内的先行者

http://www.linuxforum.net/forum/showflat.php?Board=proxy&Number=491080

http://www.chinaunix.net/jh/50/1115554.html