dark

IPsec VPN服务器上的L2TP

Total
0
Shares
0
0
0



该视频演示了在边缘路由器上通过IPsec VPN服务器设置L2TP的几种方法。这是此视频中讨论的步骤:

步骤1:设置WAN接口和内部网络
设置vpn ipsec ipsec-interfaces接口eth0
设置VPN ipsec nat-networks允许网络192.168.1.1/24
设置VPN ipsec nat遍历启用

步骤2:设置身份验证模式并创建用户
在本地设置VPN L2TP远程访问身份验证模式
设置vpn l2tp远程访问身份验证本地用户用户名xxxx密码xxxx

步骤3:设置客户端IP池
设置vpn l2tp远程访问客户端IP池启动192.168.1.xxx
设置vpn l2tp远程访问客户端IP池停止192.168.1.xxx

步骤4:设置客户端DNS服务器
设置vpn l2tp远程访问dns服务器server-1 8.8.8.8
设置vpn l2tp远程访问dns服务器server-2 4.2.2.2

步骤5:设置预共享机密
设置vpn l2tp远程访问ipsec设置身份验证模式预共享秘密
设置VPN L2TP远程访问ipsec设置身份验证预共享秘密xxxxxxx
设置VPN L2TP远程访问IPsec设置ike-lifetime 360​​0

步骤6:设定外部存取权
对于静态:设置vpn l2tp远程访问外部地址xxx.xxx.xxx.xx

对于DHCP:设置vpn l2tp远程访问dhcp接口eth0

对于带PPPOE的动态DNS:设置vpn l2tp远程访问外部地址0.0.0.0

步骤7:保存设置
承诺;保存;出口

要了解有关EdgeRouters和Ubiquiti产品的更多信息-http://www.ubnt.com

请分享此视频-https://youtu.be/nSYmcaOMM7Y
亚马逊会员链接:
EdgeRouter X-http://amzn.to/2kTFTUI

EdgeRouter X SFP-http://amzn.to/2C6cDpe

EdgeRouter Lite-http://amzn.to/2zImOKo

Ubiquiti云密钥-http://amzn.to/2CRIXIo

Unifi 8端口60W交换机-http://amzn.to/2CTmLO5

UAP-AP-Lite-http://amzn.to/2C4OAXP

免责声明:
我参加了亚马逊会员计划。使用我的Amazon Affiliate链接购买时,价格不变。您支付相同的费用,但我确实得到了佣金的一小部分。这有助于频道继续创建内容。

该视频中使用的所有图像都是我自己的。音乐“是”来自YouTube的免费音乐库。是的,Audionautix的是根据知识共享署名许可(https://creativecommons.org/licenses / …)许可的
歌手:http://audionautix.com/。

关于托尼:
我是32岁的退休教育者。我最初是一名乐器音乐老师,后来发展为技术支持。在为教师和学生提供多年技术支持之后,我职业生涯的最后十年,我担任技术协调员和技术主管的领导职务。我一直热衷于帮助人们。我希望继续帮助我的YouTube社区中的人们。

话虽如此,我与边缘路由器的制造商Ubiquiti Networks没有任何关系,也没有获得制作此视频的报酬。我购买了自己的边缘路由器,以用于自己的家庭网络。

在以下位置联系Tony:
[email protected]

跟随我:
Twitter @quiktechreview
脸书@quiktechsolutionsllc

希望您喜欢这个视频。

问候!! 。

20 comments

  1. I have treed this on several Edge Routers it works perfectly connecting via windows (all versions) but on iOS just does not work. It's been a year of messing around and still no connection.

  6. Followed this amazing tutorial and managed to set up L2TP over IPsec VPN server on my ER-X-SFP without any trouble. I use my ddns.net as my server address. If I'm outside (not on my network), for example in McDonald's or Tim Hortons, using free WiFi, I can connect to my home router VPN, no problems at all, almost instantly. If I try to connect to it while I'm at home, on my home network, attempt is always unsuccessful. I really want to learn as to why that happens, and if there is any way to set it up differently so I can use my own VPN server at home too. Thank you so much in advance Tony!

  7. Hi Tony, great video! However, when I try to connect from Windows 10 using the built-in VPN client, I get "The connection was prevented because of a policy configured on your RAS/VPN server. Specifically, the authentication method used by the server to verify your username and password does not match…".

    However, I followed your instructions down to a T for both the server and client. The client is setup as L2TP/IPSec PSK. Are you aware of this error and what's causing it?

  9. Hey Tony,
    I updated my firmware and it broke my VPN which was setup following your instructions.
    Any chance you could update this for firmware version 2.0.3?
    I think what breaks is somewhere around step 6
    Thanks so much.
    Dave

  11. I have a new question about the firewall rules (IKE, L2TP …). When the rules are created, in the Advanced> State section you will find the options of: established, invalid, new and related. In my case, I do not have any of them marked, should I mark any of them? Which one would they be?

  12. I have no problem following the video to connect iphone to the home VPN, however I just can't get it to connect on Android device, anyone got the same problem?

  13. Great Video. I got everything setup except the Dynamic DNS. Are the following steps close to what I need to do. 1. Buy or get free DNS service from noip.com (or similar). 2. Under Services – DNS input the Dynamic DNS service (hostname, login, password etc). 3. Go to Firewall/NAT -> Port forward to forward the incoming connection?? To summarize, I don't know how to configure the Dynamic DNS on the Edge router to make it work with the VPN solution your describing. Thanks

  16. Great video and easy to set up no issues just followed the steps Thank you!! . I just have 1 question, I require 3 different users. One for me no problem but require 2 more (wife and son) is there any more configuration to do? Or just add the users via GUI ?

  17. DOES NOT WITH ANDROID.BECAUSE L2TP SECRECT NOT USED.
    REQUIRES PRE -SHARED KEY.
    TOTAL NEWBIE .IF INSTRUCTIONS DON'T WORK .TOTALLY USELESS TO ME.
    ANOTHER HOUR I HAVE WASTED IN MY LIFE …DO NOT WASTE YOUR TIME IF YOUR A ANDROID USER .ANDROID CLIENT DID NOT WORK FOR ME .

    APPLE ONLY TUTORIAL

  18. Hello
    I have a question for you and meby others. When i used that configuration of VPN. I can't see any computer in lan from remote network. How can i connect to my office and work with sql for example… Thakn you 🙂

  20. Thanks for this.

    I was troubleshooting a existing configuration. it seems these lines were missing:

    ipsec-interfaces {

    interface eth0

    }

    nat-networks {

    allowed-network xxx.xxx.xxx.xxx/xx {
    }

    }

    nat-traversal enable

    Interestingly, prior to adding the above lines, this was the Windows error code "Error Description: 809: The network connection between your computer and the VPN server could not be established because the remote server is not responding. This could be because one of the network devices (e.g, firewalls, NAT, routers, etc)"

    So the IPSec interface wasn't defined and NAT traversal wasn't enabled.

Comments are closed.