User Tools

Site Tools


debian_l2tp_pptp

PPTP server:

/etc/pptpd.conf

option /etc/ppp/pptpd-options
logwtmp
localip 10.51.0.1

/etc/ppp/pptpd-options

name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
#require-mppe-128
ms-dns 1.1.1.1
ms-dns 4.2.2.1
ms-dns 8.8.8.8
proxyarp
lock
nobsdcomp
novj
novjccomp
nologfd
nodefaultroute

L2TP server

/etc/xl2tpd/xl2tpd.conf

[global]  ; Global parameters:
port = 1701  ; * Bind to port 1701
ipsec saref = yes
[lns default]  ; Our fallthrough LNS definition
ip range = 10.52.0.2-10.52.1.100  ; * Allocate from this IP range
local ip = 10.52.0.1  ; * Our local IP to use
length bit = yes  ; * Use length bit in payload?
refuse pap = yes  ; * Refuse PAP authentication
refuse chap = yes  ; * Refuse CHAP authentication
require authentication = yes  ; * Require peer to authenticate
pppoptfile = /etc/ppp/options.xl2tpd  ; * ppp options file

/etc/ppp/options.xl2tpd

require-mschap-v2
#require-mppe
refuse-pap
refuse-chap
refuse-eap
refuse-mschap
ms-dns 1.1.1.1
ms-dns 8.8.4.4
asyncmap 0
auth
crtscts
lock
hide-password
modem
debug
name xl2tpd
proxyarp
lcp-echo-interval 30
lcp-echo-failure 4
nodefaultroute

Secrets

/etc/ppp/chap-secrets

# Secrets for authentication using CHAP
# client        server  secret                  IP addresses
user1 pptpd abcDEF123$%^ "10.51.0.2"
user2 * defABC456!@# "10.52.0.2"

Routes behind clients

/etc/ppp/ip-up.d/01_l2tp_routes

#!/bin/bash
ip route add 192.168.42.0/24 via 10.52.0.2 metric 2
exit 0
debian_l2tp_pptp.txt · Last modified: 2019/09/13 06:26 by admin