cent os 怎么搭建l2tp代理

如题所述

推荐答案 2015-06-11

1
å®è£éè¦çè½¯ä»¶
yum install make gcc gmp-devel bison flex lsof wget libpcap-devel ppp policycoreutils
2
å®è£Openswan
wget --no-check-certificate http://www.openswan.org/download/openswan-2.6.35.tar.gztar -zxvf openswan-2.6.35.tar.gzcd openswan-2.6.35make programs install
3
éç½®IPSec
vi /etc/ipsec.conf
æ¾å°protostack=autoï¼ä¿®æ¹ä¸º
protostack=netkey
ç¶åå¨æåå ä¸ï¼
conn L2TP-PSK-NATrightsubnet=vhost:%privalso=L2TP-PSK-noNAT
conn L2TP-PSK-noNATauthby=secretpfs=noauto=addkeyingtries=3rekey=noikelifetime=8hkeylife=1htype=transportleft=YOUR.SERVER.IP.ADDRESSleftprotoport=17/1701right=%anyrightprotoport=17/%any
è®°å¾æYOUR.SERVER.IP.ADDRESSæ¹æä½ èªå·±æå¡å¨çIPå°åã
4
è®¾ç½®å±äº«å¯é¥PSK
vi /etc/ipsec.secrets
å¡«å¥ä»¥ä¸ä»£ç ï¼æYOUR.SERVER.IP.ADDRESSæ¹æä½ èªå·±æå¡å¨çIPå°åã
YOUR.SERVER.IP.ADDRESS %any: PSK "YourSharedSecret"
5
ä¿®æ¹åè½¬åè®¾ç½®ï¼ä¸é¢ä¸ºä¸¤æ®µä»£ç ï¼åå«è¿è¡
for each in /proc/sys/net/ipv4/conf/*doecho 0 > $each/accept_redirectsecho 0 > $each/send_redirectsdone
è¿æ¯å¦å¤ä¸æ®µä»£ç
echo 1 >/proc/sys/net/core/xfrm_larval_drop
ä¿®æ¹åæ ¸è®¾ç½®
vi /etc/sysctl.conf
æ¾å°"net.ipv4.ip_forward"ï¼å°å¶å¼æ¹ä¸º1ï¼ç¶åéå¯ä½¿å¶çæã
sysctl -p
éå¯IPSec
/etc/init.d/ipsec restart
å®è£xl2tpdårp-l2tp
wget http://sourceforge.net/projects/rp-l2tp/files/rp-l2tp/0.4/rp-l2tp-0.4.tar.gztar -zxvf rp-l2tp-0.4.tar.gzcd rp-l2tp-0.4./configuremakecp handlers/l2tp-control /usr/local/sbin/mkdir /var/run/xl2tpd/ln -s /usr/local/sbin/l2tp-control /var/run/xl2tpd/l2tp-control
wget http://www.xelerance.com/wp-content/uploads/software/xl2tpd/xl2tpd-1.3.0.tar.gztar -zxvf xl2tpd-1.3.0.tar.gzcd xl2tpd-1.3.0makemake install
å»ºç«xl2tpdéç½®æä»¶
mkdir /etc/xl2tpdvi /etc/xl2tpd/xl2tpd.conf
è¾å¥
[global]ipsec saref = yes
[lns default]ip range = 10.82.88.2-10.82.88.254local ip = 10.82.88.1refuse chap = yesrefuse pap = yesrequire authentication = yesppp debug = yespppoptfile = /etc/ppp/options.xl2tpdlength bit = yes
éç½®pppï¼å»ºç«options.xl2tpdæä»¶
vi /etc/ppp/options.xl2tpd
è¾å¥
require-mschap-v2
ms-dns 8.8.8.8
ms-dns 8.8.4.4
asyncmap 0
auth
crtscts
lock
hide-password
modem
debug
name l2tpd
proxyarp
lcp-echo-interval 30
lcp-echo-failure 4
è®¾ç½®æ¨å·ç¨æ·ååå¯ç
vi /etc/ppp/chap-secrets
æ ¹æ®è¯´æè¾å¥ç¨æ·åãå¯ç çï¼ä¾å¦ï¼
jackie * jackie *
æ·»å iptablesè½¬åè§å
iptables --table nat --append POSTROUTING --jump MASQUERADE
ä¿åiptablesè½¬åè§å
/etc/init.d/iptables save
éå¯iptables
/etc/init.d/iptables restart
ä»¥debugæ¹å¼å¯å¨l2tpï¼æ¥çææ éè¯¯
xl2tpd -D
å¦æçå°"Listening on IP address 0.0.0.0, port 1701"è¯´æéç½®æåäºï¼ä½æ¯æ¤æ¶ä½ ä¸ä¸å®è½è¿ä¸VPNï¼éç½®å¥½ä¹åéå¯ä¸ä¸æå¡å¨ã
è®¾ç½®å¼æºå¯å¨
vi /etc/rc.local
å¨rc.localä¸å å¥
for each in /proc/sys/net/ipv4/conf/*doecho 0 > $each/accept_redirectsecho 0 > $each/send_redirectsdone
echo 1 >/proc/sys/net/core/xfrm_larval_drop
/etc/init.d/ipsec restart
/usr/local/sbin/xl2tpd

温馨提示：答案为网友推荐，仅供参考

当前网址：http://44.wendadaohang.com/zd/YRRRZKYD33YWR33WGV.html

其他回答

第1个回答 2020-08-10

第一步：安装：兔子IP代理（下载手机版）
第二步：注册免费账号
第三步：连接你要修改的城市节点
第四步：打开浏览器查询IP是你修改之后的IP
就可以解决你的问题了。
解决网络卡顿

相似回答

大家正在搜

2008搭建l2tp 搭建l2tp l2tp搭建教程 l2tp服务器搭建如何搭建ipsec服务器 ipsec服务器搭建 ipsec搭建路由器搭建l2tp cent os7关闭防火墙