vyos ipsec l2tp simple experiment

vyos ipsec l2tp simple experiment

参考 https://docs.vyos.io/en/latest/configuration/vpn/l2tp.html

 

简单拓扑结构

 

ipsec l2tp 配置内容

set vpn ipsec ipsec-interfaces interface 'eth1'
set vpn ipsec nat-networks allowed-network 0.0.0.0/0
set vpn ipsec nat-traversal 'enable'

set vpn l2tp remote-access authentication local-users username testl2tp01 password '123456'
set vpn l2tp remote-access authentication mode 'local'
set vpn l2tp remote-access client-ip-pool start '172.16.119.11'
set vpn l2tp remote-access client-ip-pool stop '172.16.119.19'

set vpn l2tp remote-access ipsec-settings authentication mode 'pre-shared-secret'
set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret 'MYSECRETKEY'

set vpn l2tp remote-access ipsec-settings ike-lifetime '3600'
set vpn l2tp remote-access ipsec-settings lifetime '3600'

set vpn l2tp remote-access mtu '1450'
set vpn l2tp remote-access name-server '114.114.114.114'

set vpn l2tp remote-access outside-address '203.0.110.11'

 

查看 ipsec sa

 

查看ipsec l2tp 客户端

 

========= End

 

posted @ 2020-12-18 14:09  lsgxeva  阅读(498)  评论(0编辑  收藏  举报