Home | 簡體中文 | 繁體中文 | 雜文 | 打賞(Donations) | ITEYE 博客 | OSChina 博客 | Facebook | Linkedin | 知乎專欄 | Search | Email

4.7. VPN 配置

4.7.1. l2tp vpn

[Netkiller]l2tp enable
[Netkiller]domain system
[Netkiller-isp-system]ip pool 1 172.16.1.10 172.16.1.250
[Netkiller-isp-system]quit

[Netkiller]local-user vpn
New local user added.
[Netkiller-luser-vpn]password simple netkiller
[Netkiller-luser-vpn]service-type ppp
[Netkiller-luser-vpn]quit

[Netkiller]interface Virtual-Template 0
[Netkiller-Virtual-Template0]ppp authentication-mode pap
[Netkiller-Virtual-Template0]ip address 172.16.1.254 255.255.255.0
[Netkiller-Virtual-Template0]remote address pool 1
[Netkiller-Virtual-Template0]quit

[Netkiller]l2tp-group 1
[Netkiller-l2tp1]allow l2tp virtual-template 0
[Netkiller-l2tp1]undo tunnel authentication
[Netkiller-l2tp1]mandatory-lcp
[Netkiller-l2tp1]quit

			

[Netkiller-l2tp1]display l2tp session
 Total session = 1

 LocalSID  RemoteSID  LocalTID  
  29030     1          1 			
			
[Netkiller-l2tp1]display l2tp tunnel
 Total tunnel = 1

 LocalTID RemoteTID RemoteAddress    Port   Sessions RemoteName
 1        19        192.168.4.69     1701   1        DESKTOP-KLBD3DS 			
			

4.7.2. ipsec

[Netkiller]dis ike proposal    
 priority authentication authentication encryption Diffie-Hellman duration
              method       algorithm    algorithm     group       (seconds)
---------------------------------------------------------------------------
  1        PRE_SHARED     SHA         AES_CBC_256     MODP_1536      86400    
  default  PRE_SHARED     SHA         DES_CBC         MODP_768       86400  			
			
[Netkiller]dis ipsec proposal 1

  IPsec proposal name: 1
    encapsulation mode: transport
    transform: esp-new
    ESP protocol: authentication sha1-hmac-96, encryption 128-bits aes