实验环境
cat /etc/redhat-release && uname -a
CentOS Linux release 7.8.2003 (Core)
Linux centos7 3.10.0-1127.el7.x86_64 #1 SMP Tue Mar 31 23:36:51 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
systemctl stop firewalld && systemctl disable firewalld
echo SELINUX=disabled > /etc/sysconfig/selinux && ntpdate && hwclock -w
软件安装
yum install -y yum-utils docker-ce-18.06.3.ce
systemctl daemon-reload
systemctl start docker && systemctl enable docker
docker --version
Docker version 18.06.2-ce, build 6d37f41
modprobe af_key && lsmod | grep af
af_key 40225 0
touch /usr/local/docker/xl2tp/vpn.env
cat /usr/local/docker/xl2tp/vpn.env
VPN_IPSEC_PSK=123456 共享密钥
VPN_USER=test 远程用户名
VPN_PASSWORD=123456 远程用户密码
docker pull hwdsl2/ipsec-vpn-server
docker run -itd --name xl2tp \
--restart=always --privileged=true \
-p 500:500/udp -p 4500:4500/udp \
--env-file /usr/local/docker/xl2tp/vpn.env \
-v /usr/local/docker/xl2tp/:/lib/modules:ro \
--net=host hwdsl2/ipsec-vpn-server \
docker logs -f xl2tp
Connect to your new VPN with these details:
Server IP: 111.198.226.118
IPsec PSK: 123456
Username: test
Password: 123456
pluto[366]: adding UDP interface docker0 172.17.0.1:500
pluto[366]: adding UDP interface docker0 172.17.0.1:4500
pluto[366]: adding UDP interface ens32 192.168.10.18:500
pluto[366]: adding UDP interface ens32 192.168.10.18:4500
ip addr | grep ppp
5: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qdisc pfifo_fast state UNKNOWN group default qlen 3
link/ppp
inet 192.168.42.1 peer 192.168.42.10/32 scope global ppp0
netstat -tuplna | grep LISTEN
udp 0 0 192.168.10.18:4500 0.0.0.0:* 1955/pluto
udp 0 0 192.168.10.18:500 0.0.0.0:* 1955/pluto
docker save hwdsl2/ipsec-vpn-server > xl2tp_images.tar.gz 备份镜像
docker load -i xl2tp_images.tar.gz 导入镜像
docker export xl2tp > xl2tp_docker.tar.gz 备份容器
docker import xl2tp > xl2tp_docker.tar.gz 恢复容器
windows客户端配置
选项设置共享密钥
选项配置防止服务器 宿主机无法上网 (网关冲突)
windows客户端拨号错误解决方案
出现错误788:“ L2TP连接尝试失败,因为安全层无法与远程计算机协商兼容参数。(错误788)”
regedit-HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Rasman\Parameters;
