vyos ipsec l2tp simple experiment

 

简单拓扑结构

vyos ipsec l2tp simple experiment_ide

 

ipsec l2tp 配置内容



set vpn ipsec ipsec-interfaces interface 'eth1'
set vpn ipsec nat-networks allowed-network 0.0.0.0/0
set vpn ipsec nat-traversal 'enable'

set vpn l2tp remote-access authentication local-users username testl2tp01 password '123456'
set vpn l2tp remote-access authentication mode 'local'
set vpn l2tp remote-access client-ip-pool start '172.16.119.11'
set vpn l2tp remote-access client-ip-pool stop '172.16.119.19'

set vpn l2tp remote-access ipsec-settings authentication mode 'pre-shared-secret'
set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret 'MYSECRETKEY'

set vpn l2tp remote-access ipsec-settings ike-lifetime '3600'
set vpn l2tp remote-access ipsec-settings lifetime '3600'

set vpn l2tp remote-access mtu '1450'
set vpn l2tp remote-access name-server '114.114.114.114'

set vpn l2tp remote-access outside-address '203.0.110.11'


 

查看 ipsec sa

vyos ipsec l2tp simple experiment_客户端_02

 

查看ipsec l2tp 客户端

vyos ipsec l2tp simple experiment_html_03vyos ipsec l2tp simple experiment_html_04

vyos ipsec l2tp simple experiment_客户端_05

vyos ipsec l2tp simple experiment_html_06

 

========= End