Changes

From SME Server
Jump to navigationJump to search

Libreswan-xl2tpd (view source)

Revision as of 05:05, 15 July 2022

225 bytes added ,  05:05, 15 July 2022
→‎IPsec settings
Line 1: Line 1:  
{{Languages}}
 
{{Languages}}
 
==Version==
 
==Version==
{{#smeversion: {{lc:{{FULLPAGENAME}}}} }}
+
{{#smeversion: smeserver-{{lc:{{FULLPAGENAME}}}} }}
    
==About==
 
==About==
Line 50: Line 50:     
  yum  install smeserver-extrarepositories-libreswan smeserver-extrarepositories-epel
 
  yum  install smeserver-extrarepositories-libreswan smeserver-extrarepositories-epel
 +
db yum_repositories setprop libreswan status enabled Priority 10
 
  signal-event yum-modify
 
  signal-event yum-modify
 
  config set UnsavedChanges no
 
  config set UnsavedChanges no
Line 68: Line 69:  
===Keys===
 
===Keys===
   −
These are the ipsec database keys required to setup the server
+
These are the basic database keys required to setup the server
 +
 
 +
======IPsec settings======
    
* IPRange Start/Finish
 
* IPRange Start/Finish
Line 74: Line 77:  
Note it '''MUST NOT''' conflict with IPs issued by your DHCP server
 
Note it '''MUST NOT''' conflict with IPs issued by your DHCP server
   −
db ipsec_connections setprop L2TPD-PSK IPRangeStart 192.168.1.176 IPRangeFinish 192.168.1.190
+
db ipsec_connections setprop L2TPD-PSK IPRangeStart 192.168.1.176 IPRangeFinish 192.168.1.190
    
* rightsubnet
 
* rightsubnet
 
This must be the subnet in CIDR format and match the IP range allocated above eg:
 
This must be the subnet in CIDR format and match the IP range allocated above eg:
   −
db ipsec_connections setprop L2TPD-PSK rightsubnet 192.178.1.176/28
+
db ipsec_connections setprop L2TPD-PSK rightsubnet 192.178.1.176/28
    
* passwd
 
* passwd
Line 87: Line 90:     
  db ipsec_connections setprop L2TPD-PSK password SomeLongComplicatedSecret
 
  db ipsec_connections setprop L2TPD-PSK password SomeLongComplicatedSecret
 +
db ipsec_connections setprop L2TPD-PSK password `openssl rand -base64 64|sed  '/.*$/N;s/\n//'`
    
Ensure the connection is enabled:
 
Ensure the connection is enabled:
Line 96: Line 100:  
  config setprop ipsec status enabled
 
  config setprop ipsec status enabled
   −
Xl2tps settings
+
======Xl2tps settings======
 +
 
 
* DNS
 
* DNS
 
Optional - defaults to the SME server. Can add extra servers if required
 
Optional - defaults to the SME server. Can add extra servers if required
Line 104: Line 109:  
Defaults to private. Not necessary to set public.
 
Defaults to private. Not necessary to set public.
   −
config setprop xl2tpd status enabled
+
* status
 +
config setprop xl2tpd status enabled
    
*UDPPort  
 
*UDPPort  
Unnilennium
Super Admin, Wiki & Docs Team, Bureaucrats, Interface administrators, Administrators
3,250

edits

Retrieved from "https://wiki.koozali.org/Special:MobileDiff/38310...41422"

Navigation menu