第一次在 Xen VPS 上安装 PPTP/L2TP/OpenVPN + FreeRADIUS VPN,自己身边所有能使用 VPN 的终端都登录不上,目前自己测试了 PPTP 和 L2TP。已经两眼发昏,不知道神马情况,有懂的朋友帮忙看一下!您能正常使用否?
设置:
--------------l2tp.conf-------------------------
# IPsec connection definitions for L2TP/IPsec (the page labels this l2tp.conf).
# NOTE(review): as pasted, the parameter lines have no leading whitespace.
# ipsec.conf requires every line inside a conn section to be indented; if the
# file on disk really looks like this (and the paste did not simply lose its
# indentation), the sections will not load. Confirm against the real file.
#
# %default: inherited by every conn below. forceencaps=yes forces UDP
# encapsulation of ESP (NAT-T) even when no NAT is detected, so protected
# traffic is expected on udp/4500 rather than as bare ESP.
conn %default
forceencaps=yes
# Variant for clients behind NAT. rightsubnet=vhost:%priv lets a client present
# a private address; which ranges count as private is set by virtual_private
# in "config setup", which is not shown on this page. also= pulls in every
# setting from L2TP-PSK-noNAT.
conn L2TP-PSK-NAT
rightsubnet=vhost:%priv
also=L2TP-PSK-noNAT
# Base L2TP/IPsec definition.
#  authby=secret      pre-shared key; the key itself lives in ipsec.secrets
#                     (not shown). With right=%any every client shares one PSK,
#                     so it should be long and random, and per-user
#                     authentication has to rest on the PPP/RADIUS layer.
#  pfs=no             does not require PFS for the IPsec SA; commonly set for
#                     L2TP client compatibility, at the cost of forward secrecy.
#  auto=add           load the conn and wait for clients to initiate.
#  rekey=no           the server does not initiate rekeying.
#  ikelifetime/keylife  IKE SA valid 8h, IPsec SA valid 1h.
#  type=transport     transport mode; leftprotoport=17/1701 limits the SA to
#                     UDP (protocol 17) port 1701, i.e. L2TP, and
#                     rightprotoport=17/%any accepts any client source port.
#  left=@server_ip@   NOTE(review): looks like an unsubstituted template
#                     placeholder (or a value the poster redacted). left= needs
#                     the server's real address or %defaultroute; if this is
#                     the literal value on disk the conn presumably cannot
#                     load, and L2TP/IPsec logins would fail at IKE. Confirm.
conn L2TP-PSK-noNAT
authby=secret
pfs=no
auto=add
keyingtries=3
rekey=no
ikelifetime=8h
keylife=1h
type=transport
left=@server_ip@
leftprotoport=17/1701
right=%any
rightprotoport=17/%any
----------------- iptables ----------------------------
# Generated by iptables-save v1.3.5 on Mon Sep 3 03:34:48 2012
# NAT table. Each chain line gives the default policy and the
# [packets:bytes] counters at the time of the dump.
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [1:140]
:OUTPUT ACCEPT [1:140]
# Rewrites the destination of every UDP DNS query passing PREROUTING to
# 8.8.8.8. There is no -i or -s match, so this also applies to queries
# arriving on the public interface, not only to VPN clients.
# NOTE(review): restrict these rules to the VPN client ranges (for example
# -s 192.168.77.0/24) so the host does not relay DNS for arbitrary Internet
# sources. TCP DNS is not covered by these rules.
-A PREROUTING -p udp -m udp --dport 53 -j DNAT --to-destination 8.8.8.8
# Same match as the rule above; DNAT ends rule traversal, so the first rule
# always wins and 8.8.4.4 is never used.
-A PREROUTING -p udp -m udp --dport 53 -j DNAT --to-destination 8.8.4.4
# Source-NAT traffic from three private /24 ranges leaving via eth0.
# Presumably one range per VPN service (PPTP, L2TP, OpenVPN); confirm
# against each daemon's address pool and check that eth0 is the public
# interface on this VPS. Forwarding also needs net.ipv4.ip_forward=1, which
# is not shown on this page.
-A POSTROUTING -s 192.168.77.0/255.255.255.0 -o eth0 -j MASQUERADE
-A POSTROUTING -s 192.168.88.0/255.255.255.0 -o eth0 -j MASQUERADE
-A POSTROUTING -s 192.168.99.0/255.255.255.0 -o eth0 -j MASQUERADE
COMMIT
# Completed on Mon Sep 3 03:34:48 2012
# Generated by iptables-save v1.3.5 on Mon Sep 3 03:34:48 2012
# Filter table. All three chains default to ACCEPT and no rule below drops
# or rejects anything, so this table blocks no traffic: the ACCEPT rules
# are effectively documentation and every service on the host is reachable.
# NOTE(review): the usual baseline is a default-deny INPUT and FORWARD
# policy with explicit allows (established/related traffic, management
# access, the VPN ports below).
*filter
:INPUT ACCEPT [59:71337]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [44:5340]
# Traffic arriving on tun*/tap* interfaces (typically OpenVPN).
-A INPUT -i tun+ -j ACCEPT
-A INPUT -i tap+ -j ACCEPT
# IKE (udp/500), IPsec NAT-T (udp/4500) and L2TP (udp/1701) to the server's
# public address.
# NOTE(review): udp/1701 is accepted from any source in the clear. L2TP has
# no encryption of its own, so once the policy is tightened this rule
# should only match packets that arrived protected by IPsec (iptables
# policy match: -m policy --dir in --pol ipsec), where that match is
# available. There are no rules for PPTP (tcp/1723 and GRE, protocol 47)
# or for ppp+ interfaces; they pass today only because of the ACCEPT
# policy and would need explicit rules under default-deny.
-A INPUT -d 50.115.42.142 -p udp -m udp --dport 500 -j ACCEPT
-A INPUT -d 50.115.42.142 -p udp -m udp --dport 4500 -j ACCEPT
-A INPUT -d 50.115.42.142 -p udp -m udp --dport 1701 -j ACCEPT
# Forwarding is allowed explicitly only for tun*/tap*; combined with the
# FORWARD ACCEPT policy, anything routed through the host is forwarded.
-A FORWARD -i tun+ -j ACCEPT
-A FORWARD -i tap+ -j ACCEPT
COMMIT
# Completed on Mon Sep 3 03:34:48 2012