|
|
|
diff -Naur xl2tpd-1.3.1-orig/examples/chapsecrets.sample xl2tpd-1.3.1/examples/chapsecrets.sample
|
|
|
|
--- xl2tpd-1.3.1-orig/examples/chapsecrets.sample 2011-10-06 15:22:05.000000000 -0400
|
|
|
|
+++ xl2tpd-1.3.1/examples/chapsecrets.sample 2012-06-12 12:08:26.850851970 -0400
|
|
|
|
@@ -1,7 +1,9 @@
|
|
|
|
-# Secrets for authentication using CHAP
|
|
|
|
-# client server secret IP addresses
|
|
|
|
-jacco * "mysecret" 192.168.1.128/25
|
|
|
|
-* jacco "mysecret" 192.168.1.128/25
|
|
|
|
-sam * "rumpelstiltskin" 192.168.1.5
|
|
|
|
-* sam "rumpelstiltskin" 192.168.1.5
|
|
|
|
-
|
|
|
|
+# Secrets for authentication on server using CHAP
|
|
|
|
+# client server secret IP addresses
|
|
|
|
+jacco * "mysecret" 192.168.1.128/25 # Dynamic IP
|
|
|
|
+sam * "rumpelstiltskin" 192.168.1.5 # Static IP
|
|
|
|
+#
|
|
|
|
+# Secrets for authentication on client using CHAP
|
|
|
|
+# client server secret IP addresses
|
|
|
|
+* jacco "mysecret"
|
|
|
|
+* sam "rumpelstiltskin"
|
|
|
|
diff -Naur xl2tpd-1.3.1-orig/examples/README xl2tpd-1.3.1/examples/README
|
|
|
|
--- xl2tpd-1.3.1-orig/examples/README 2011-10-06 15:22:05.000000000 -0400
|
|
|
|
+++ xl2tpd-1.3.1/examples/README 2012-06-12 12:08:26.850851970 -0400
|
|
|
|
@@ -1,2 +1,4 @@
|
|
|
|
-These are example files for use with xl2tpd. The xl2tpd*conf files are
|
|
|
|
-examples to use xl2tpd with Openswan's IPsec. See www.openswan.org
|
|
|
|
+These are example files for use with xl2tpd.
|
|
|
|
+
|
|
|
|
+Openswan carries config examples for use with l2tp-over-ipsec.
|
|
|
|
+See http://www.openswan.org/
|
|
|
|
diff -Naur xl2tpd-1.3.1-orig/examples/xl2tpd.conf xl2tpd-1.3.1/examples/xl2tpd.conf
|
|
|
|
--- xl2tpd-1.3.1-orig/examples/xl2tpd.conf 2011-10-06 15:22:05.000000000 -0400
|
|
|
|
+++ xl2tpd-1.3.1/examples/xl2tpd.conf 2012-06-12 12:27:00.922911049 -0400
|
|
|
|
@@ -14,6 +14,11 @@
|
|
|
|
; in the example below). Yet another IP address (local ip, e.g. 192.168.1.99)
|
|
|
|
; will be used by xl2tpd as its address on pppX interfaces.
|
|
|
|
|
|
|
|
+
|
|
|
|
+; IMPORTANT: always set listen-addr to a specific address, to work around a
|
|
|
|
+; udpfromto bug!!!
|
|
|
|
+
|
|
|
|
+
|
|
|
|
[global]
|
|
|
|
; listen-addr = 192.168.1.98
|
|
|
|
;
|
|
|
|
@@ -24,14 +29,15 @@
|
|
|
|
; when using any of the SAref kernel patches for kernels up to 2.6.35.
|
|
|
|
; ipsec refinfo = 30
|
|
|
|
;
|
|
|
|
-; forceuserspace = yes
|
|
|
|
+; force userspace = yes
|
|
|
|
;
|
|
|
|
; debug tunnel = yes
|
|
|
|
|
|
|
|
[lns default]
|
|
|
|
ip range = 192.168.1.128-192.168.1.254
|
|
|
|
local ip = 192.168.1.99
|
|
|
|
-require chap = yes
|
|
|
|
+; leave chap unspecified for maximum compatibility with windows, iOS, etc
|
|
|
|
+; require chap = yes
|
|
|
|
refuse pap = yes
|
|
|
|
require authentication = yes
|
|
|
|
name = LinuxVPNserver
|