需要安装的包
bash
apt-get install xl2tpd配置
修改:/etc/xl2tpd/xl2tpd.conf
bash
[global]
auth file = /etc/ppp/chap-secrets
[lns default]
; 分配给客户端的ip地址段
ip range = 192.168.24.100-192.168.24.200
; 本机ppp端ip地址
local ip = 192.168.24.1
require chap = yes
refuse pap = yes
require authentication = yes
name = Linuxvpnserver
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes更改DNS:/etc/ppp/options
bash
ms-dns 192.168.7.1修改/etc/ppp/chap-secrets
增加拨号用户和密码,一行一个,一行有4个字段分别是,第一列是用户名,第二列是server即为options.xl2tp中的name,参数*代表所有,第三列是密码,第四列是允许的IP(*为全部允许),用tab分隔
bash
# Secrets for authentication using CHAP
# client server secret IP addresses
root * root123 *路由转发配置iptables
bash
iptables -t nat -A POSTROUTING -s 192.168.24.0/24 -j SNAT --to-source 192.168.7.207
iptables -t nat -A POSTROUTING -o ens33 -j MASQUERADE
sudo iptables -t nat -L -n
iptables -t nat -D POSTROUTING 1
# iptables持久化
sudo apt-get install iptables-persistent编辑/etc/sysctl.conf
bash
net.ipv4.ip_forward = 1运行命令生效
sysctl -p路由器添加端口转发 1701、4500、500