L2tp/ipsec one click installation script

One . brief introduction

This script is applicable to ： System support ：CentOS6+,Debian7+,Ubuntu12+ Memory requirements ：≥128M Updated date ：2017 year 05 month 28 Japan

About this script ： The term is explained as follows L2TP（Layer 2 Tunneling Protocol） IPSec（Internet Protocol Security） IKEv2 (Internet Key Exchange v2) It can be realized IPsec On the whole, there are openswan,libreswan,strongswan this 3 Kind of . libreswan Is based on openswan Of fork, So we can't see it in each distribution openswan The figure of the . Of course, it can also be used strongswan Of .

The reason to update L2TP One click Install script , Because with each Linux The distribution continues to push through the old and bring forth the new , The original script can no longer meet the current needs . This script installs the latest version by compiling libreswan To achieve IPSec（CentOS7 Next is all yum install ）,yum or apt-get To install xl2tpd, According to the usage of each distribution , Deploy firewall rules .

Write it at the front ： be based on OpenVZ Virtualization technology VPS Need to open TUN/TAP For normal use , Buy VPS Please check with the service provider to see if it supports opening TUN/TAP.

OpenVZ Virtual VPS Need system kernel support IPSec Talent . in other words , If the kernel of the parent server does not support it, there is no way , Only for VPS. therefore , It is generally not recommended that OpenVZ Of VPS Install this script on . If the script detects this VPS by OpenVZ framework , A warning will appear .

How to detect whether it supports TUN modular ？ Carry out orders ： cat /dev/net/tun If the return information is ：cat: /dev/net/tun: File descriptor in bad state Explain normal

How to detect whether it supports ppp modular ？ Carry out orders ： cat /dev/ppp If the return information is ：cat: /dev/ppp: No such device or address Explain normal Of course , The script also performs checks during installation , If not applicable for installation , The script will prompt .

Two . Install and use

root After the user logs in , Run the following command ： wget --no-check-certificate https://raw.githubusercontent.com/teddysun/across/master/l2tp.shchmod +x l2tp.sh./l2tp.sh

After execution , There will be the following interactive interface

Please input IP-Range: (Default Range: 192.168.18): Input local IP Paragraph scope （ Local computer connected to VPS To a local assigned IP Address ）, Direct return means entering a default value 192.168.18

Please input PSK: (Default PSK: teddysun.com): PSK Pre shared key , That is, to specify a key to be used in connection in the future , Direct return means entering a default value teddysun.com

Please input Username: (Default Username: teddysun): Username Means user name , The first default user . Direct return means entering a default value teddysun

Please input teddysun’s password: (Default Password: Q4SKhu2EXQ): Enter the user's password , One will be randomly generated by default 10 Bit password with upper and lower case letters and numbers , Of course, you can also specify the password .

ServerIP:your_server_main_IP Show your VPS The Lord of IP（ If it is more IP Of VPS Only one ）

Server Local IP:192.168.18.1 Show your VPS The local IP（ The default can be ）

Client Remote IP Range:192.168.18.2-192.168.18.254 Show IP Paragraph scope

PSK:teddysun.com Show PSK

Press any key to start…or Press Ctrl+c to cancel Press any key to continue , If you want to cancel the installation , Please press Ctrl+c key

After installation , The script will execute ipsec verify Command and prompt as follows ：

1. If there are no [FAILED] above, then you can connect to your
2. L2TP VPN Server with the defaultUsername/Password is below:
3. ServerIP:your_server_IP
4. PSK:your PSK
5. Username:your usename
6. Password:your password
7. If you want to modify user settings, please use command(s):
8. l2tp -a (Add a user)
9. l2tp -d (Delete a user)
10. l2tp -l (List all users)
11. l2tp -m (Modify a user password)
12. Welcome to visit https://teddysun.com/448.html
13. Enjoy it!

If you want to operate on users , You can use the following command ： l2tp -a New users l2tp -d Delete user l2tp -m Modify the password of an existing user l2tp -l List all user names and passwords l2tp -h List help information

Other matters ： 1、 After the script is installed , Process started automatically , And add the startup and self startup . 2、 The script will rewrite iptables or firewalld The rules of . 3、 During script installation , The installation log will be written to /root/l2tp.log In the document , If your installation fails , You can use this file to find error messages .

Use command ： ipsec status （ see IPSec Running state ） ipsec verify （ see IPSec Examination result ） /etc/init.d/ipsec start|stop|restart|status （CentOS6 Next use ） /etc/init.d/xl2tpd start|stop|restart （CentOS6 Next use ） systemctl start|stop|restart|status ipsec （CentOS7 Next use ） systemctl start|stop|restart xl2tpd （CentOS7 Next use ） service ipsec start|stop|restart|status （Debian/Ubuntu Next use ） service xl2tpd start|stop|restart （Debian/Ubuntu Next use ）