We found 11 results for your search.
In iOS IPSec VPN Server on Ubuntu, I host a VPN on Ubuntu 13.10 based on StrongSwan 4.x, working for iOS, but not for OSX. Then I upgraded to Ubuntu 14.04, which has StrongSwan upgraded to 5.x, error like:
|
1 |
Apr 24 14:56:46 sskaje charon: 15[CFG] no XAuth method found |
To fix this, install all strongswan’s plugins by:
|
1 |
apt-get install strongswan-* |
And make some changes to configurations: […]
I Google-ed a lot configuring IPSec VPN for iOS with OpenSwan, nothing useful but Iphone/Ipad/Mac OSX IPSEC VPN with Strongswan 5 on Centos/RHEL 6 which is on RHEL/CentOS and with strongswan found. I tried to configure openswan like strong swan, failed. StrongSwan‘s official wiki helps a lot: http://wiki.strongswan.org/projects/strongswan/wiki/IOS_(Apple)/23 iOS 4 and newer supports native IPsec […]
以前自己用 strongswan 等软件配 IPSec site-to-site 的时候,可以直接指定客户端的 IP 是 0.0.0.0,Azure 的 site-to-site IPSec VPN 必须要指定客户端 IP。 PowerShell 爱好者可以参考 https://www.hayesjupe.com/using-azure-rm-site-to-site-vpn-with-a-dynamic-ip/ 这篇文章。 我还是习惯用 Linux,于是使用 Azure CLI 来解决这个问题。 在 VPN 的 Virtual Network 里放置一台 Linux 虚拟机。按照上述连接里的说明安装软件。接下来开始操作。 1 登录 SSH 登录虚拟机后,执行命令,并按照输出,用浏览器登录 Azure 账号,完成认证。
|
1 2 |
$ az login To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code XXXXXXX to authenticate. |
如果是中国区 Azure,先需要设置服务器
|
1 2 3 4 |
$ az cloud set -n AzureChinaCloud Switched active cloud to 'AzureChinaCloud'. Use 'az login' to log in to this cloud. Use 'az account set' to set the active subscription. |
如果需要切换回海外版本
|
1 |
$ az cloud set -n AzureCloud |
2 添加更新服务 参考 DDNS 的玩法,让客户端定期更新IP。服务端可以简单地将数据记录到数据库、文件、或者任何地方,配置一个 cron 来执行更新检测和 Gateway IP 更新。 3 […]
EdgeRouter Lite with Firmware 1.9.0 L2TP PSK Mode. WAN interface: eth1 LAN IP: 192.168.3.1 VPN Subnets: 192.168.47.1-192.168.47.99 Run commands below in ‘configure mode’. 1 Configure IPSec
|
1 2 3 4 |
set vpn ipsec auto-firewall-nat-exclude disable set vpn ipsec ipsec-interfaces interface eth1 set vpn ipsec nat-networks allowed-network 0.0.0.0/0 set vpn ipsec nat-traversal enable |
2 Configure L2TP
|
1 2 3 4 5 6 7 8 9 |
set vpn l2tp remote-access authentication local-users username USERNAME password PASSWORD set vpn l2tp remote-access authentication mode local set vpn l2tp remote-access client-ip-pool start 192.168.47.1 set vpn l2tp remote-access client-ip-pool stop 192.168.47.99 set vpn l2tp remote-access dns-servers server-1 192.168.3.1 set vpn l2tp remote-access ipsec-settings authentication mode pre-shared-secret set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret PreShar3dSecRe7 set vpn l2tp remote-access ipsec-settings ike-lifetime 3600 set vpn l2tp remote-access outside-address 0.0.0.0 |
3 Configure DNS Make sure you have following lines, otherwise you can get DNS resolved.
|
1 2 |
set service dns forwarding options bind-interfaces set service dns forwarding options except-interface=eth1 |
Link to this post!
背景及目标 买了个Ubnt EdgeRouter Lite,应同事的需求,研究配置自动翻墙。 考虑过之前配置的各种VPN:PPTP、L2TP、IPSec、AnyConnect/OpenConnect。目前搞定的只有PPTP。 本次配置使用远程PPTP Server,只考虑Google、Twitter和Facebook的自动翻墙,其他可以参照思路自己加路由和NAT。 环境 假设网络已经配置好,eth0为内网口,eth1为外网口。 Link to this post!