Scribd Logo
Upload

Welcome to Scribd!

  • L2TP IPSec

    Uploaded by

    snakemanhr
    6 views3 pages
    Configuration d'un serveur L2TP-IPSEC sur Android

    Original Title

    L2TP-IPSec

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Configuration d'un serveur L2TP-IPSEC sur Android

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    6 views3 pages

    L2TP IPSec

    Uploaded by

    snakemanhr
    Configuration d'un serveur L2TP-IPSEC sur Android

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    Serveur L2TP/IPsec

    1. Installation L2TP & & openswan

    # apt-get install xl2tpd openswan ppp

    2. Configuration IPSec / Openswan :

     Editer le fichier /etc/ipsec.conf :

    config setup
    nat_traversal=yes
    virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!10.152.2.0/24
    oe=off
    protostack=netkey

    conn L2TP-PSK-NAT
    rightsubnet=vhost:%priv
    also=L2TP-PSK-noNAT

    conn L2TP-PSK-noNAT
    authby=secret
    pfs=no
    auto=add
    keyingtries=3
    rekey=no
    dpddelay=30
    dpdtimeout=120
    dpdaction=clear
    ikelifetime=8h
    keylife=1h
    type=transport
    left=192.168.0.253
    leftprotoport=17/1701
    right=%any
    rightprotoport=17/%any
    forceencaps=yes

     Editer le fichier /etc/ipsec.secrets :

    192.168.0.253 %any: PSK "secret123"

    3. L2TP
     Editer le fichier /etc/xl2tpd/xl2tpd.conf :

    [global]
    ipsec saref = no

    [lns default]
    ip range = 10.152.2.2-10.152.2.254
    local ip = 10.152.2.1
    require chap = yes
    refuse pap = yes
    require authentication = yes
    ppp debug = yes
    pppoptfile = /etc/ppp/options.xl2tpd
    length bit = yes

     Editer le fichier /etc/xl2tpd/l2tp-secrets :

    * * challenge
     Editer le fichier /etc/ppp/options.xl2tpd :

    refuse-mschap-v2
    refuse-mschap
    ms-dns 8.8.8.8
    ms-dns 8.8.4.4
    asyncmap 0
    auth
    crtscts
    idle 1800
    mtu 1200
    mru 1200
    lock
    hide-password
    local
    #debug
    name l2tpd
    proxyarp
    lcp-echo-interval 30
    lcp-echo-failure 4

    4. Ajouter les utilisateurs :

     Editer le fichier /etc/ppp/chap-secrets :

    user1 l2tpd password *


    user2 * password *

    5. Activer la redirection des paquets

     Ajouter la ligne dans le fichier /etc/sysctl.conf :


    net.ipv4.ip_forward=1

    6. Redémarrer le serveur
    7. Client Android 4.1 :
    Secret L2TP : challenge
    Clé Pré-partagée : secret123
     Utilisateur : user1
     Mot de passe : password

    You might also like