mpd.conf:
# mpd configuration for an L2TP server: a "startup" section for the management
# interfaces, a "default" section that loads the server, and the "l2tp_server"
# section with the bundle and link templates.
# NOTE(review): indentation appears to have been lost in this paste; mpd expects
# labels at column 0 and the commands under them to be indented.
startup:
# configure mpd users
# Password is masked in the post. mpd.conf holds it in clear text, so the file
# should be readable by root only.
set user madhammer ******* admin
# configure the console
# Console is bound to loopback only (127.0.0.1:5005).
set console self 127.0.0.1 5005
set console open
# configure the web server
# NOTE(review): 0.0.0.0 makes the admin web interface listen on every address of
# the host, including the public one that racoon listens on. Unless a firewall
# rule (not shown) restricts port 5006, bind it to 127.0.0.1 or an internal
# address instead. Presumably served over plain HTTP, so the admin credentials
# would cross the network unencrypted - confirm for your mpd version.
set web self 0.0.0.0 5006
set web open
default:
load l2tp_server
l2tp_server:
# Address pool handed to clients: 172.16.1.10 through 172.16.1.30.
set ippool add pool_l2tp 172.16.1.10 172.16.1.30
create bundle template B_l2tp
set iface enable proxy-arp
set iface enable tcpmssfix
set ipcp yes vjcomp
# Local side taken from 172.16.1.1/24, peer address taken from pool_l2tp.
set ipcp ranges 172.16.1.1/24 ippool pool_l2tp
set iface route 172.16.1.0/24
set iface route 10.187.0.0/16
# On-demand interface with the idle timeout set to 0.
set iface enable on-demand
set iface idle 0
set bundle enable compression
set ccp yes mppc
# NOTE(review): e40 allows 40-bit MPPE, which offers no meaningful protection.
# If MPPE is wanted at all underneath IPsec, keep only e128.
set mppc yes e40
set mppc yes e128
set mppc yes stateless
create link template L_l2tp l2tp
set link action bundle B_l2tp
set link enable multilink
# Order matters here: first switch every authentication protocol off, then
# re-enable CHAP only.
set link no pap chap eap
# NOTE(review): in mpd5 "chap" is presumably shorthand for chap-md5, chap-msv1
# and chap-msv2 - confirm. If so, restrict this to chap-msv2 so that the weaker
# variants are not offered.
set link enable chap
set link keep-alive 10 60
set link mtu 1460
set link mru 1460
# NOTE(review): L2TP listens on all addresses and is not encrypted by itself.
# This is only safe if the IPsec policy (SPD/setkey rules, not shown in the
# post) requires ESP for the L2TP port; otherwise a client could connect
# without IPsec. Verify the policy.
set l2tp self 0.0.0.0
set l2tp enable length
set link enable incoming
##########################################################################
# racoon (IKE daemon) configuration: phase 1 settings for any peer
# ("remote anonymous") and phase 2 settings for any SA ("sainfo anonymous"),
# both authenticated with a pre-shared key.
# The PSK file must be owned by the user racoon runs as and must not be readable
# by group or others.
path pre_shared_key "/usr/local/etc/racoon/psk.txt";
#log debug2;
# Listening addresses are masked in the post; 500 is IKE, 4500 is NAT-T.
listen
{
isakmp 94.********* [500];
isakmp_natt 94.******* [4500];
}
remote anonymous
{
# NOTE(review): aggressive mode combined with a pre-shared key lets anyone who
# can see or start an exchange collect material for offline guessing of the key.
# Offer main mode only unless a client really needs aggressive mode.
exchange_mode main, aggressive;
situation identity_only;
# Responder only: racoon never initiates a negotiation.
passive on;
# NOTE(review): with "obey" the responder follows what the initiator proposes
# (lifetime, PFS), so the values configured here are not enforced. The
# commented-out "proposal_check strict;" further down is the tighter choice.
proposal_check obey;
support_proxy on;
nat_traversal on;
ike_frag on;
dpd_delay 20;
lifetime time 8 hour;
nonce_size 16;
initial_contact on;
# Phase 1 proposal 1: AES / SHA-1 / PSK / DH group modp1024.
# NOTE(review): modp1024 is below current recommendations and SHA-1 is legacy;
# use a larger group (for example modp2048) and a SHA-2 hash where the clients
# support them.
proposal
{
encryption_algorithm aes;
hash_algorithm sha1;
authentication_method pre_shared_key;
dh_group modp1024;
}
# Phase 1 proposal 2: 3DES fallback with the same hash and DH group.
# NOTE(review): keep it only if a client cannot negotiate AES.
proposal
{
encryption_algorithm 3des;
hash_algorithm sha1;
authentication_method pre_shared_key;
dh_group modp1024;
}
# proposal_check strict;
}
# Phase 2 parameters applied to any peer.
sainfo anonymous
{
encryption_algorithm aes;
authentication_algorithm hmac_sha1;
compression_algorithm deflate;
# NOTE(review): same modp1024 concern as in phase 1; with
# "proposal_check obey" above, PFS is presumably not enforced when the
# initiator leaves it out - confirm.
pfs_group modp1024;
}
# Prints 256 random bytes as 512 hexadecimal characters.
# Presumably used to generate the pre-shared key stored in psk.txt (the post
# does not say); if so, write the value straight into that file and keep the
# file readable by its owner only.
openssl rand -hex 256