dark

IPsec VPN伺服器上的L2TP

Total
0
Shares
0
0
0



該視頻演示了在邊緣路由器上通過IPsec VPN伺服器設置L2TP的幾種方法。這是此視頻中討論的步驟:

步驟1:設置WAN介面和內部網路
設置vpn ipsec ipsec-interfaces介面eth0
設置VPN ipsec nat-networks允許網路192.168.1.1/24
設置VPN ipsec nat遍歷啟用

步驟2:設置身份驗證模式並創建用戶
在本地設置VPN L2TP遠程訪問身份驗證模式
設置vpn l2tp遠程訪問身份驗證本地用戶用戶名xxxx密碼xxxx

步驟3:設置客戶端IP池
設置vpn l2tp遠程訪問客戶端IP池啟動192.168.1.xxx
設置vpn l2tp遠程訪問客戶端IP池停止192.168.1.xxx

步驟4:設置客戶端DNS伺服器
設置vpn l2tp遠程訪問dns伺服器server-1 8.8.8.8
設置vpn l2tp遠程訪問dns伺服器server-2 4.2.2.2

步驟5:設置預共享機密
設置vpn l2tp遠程訪問ipsec設置身份驗證模式預共享秘密
設置VPN L2TP遠程訪問ipsec設置身份驗證預共享秘密xxxxxxx
設置VPN L2TP遠程訪問IPsec設置ike-lifetime 360​​0

步驟6:設定外部存取權
對於靜態:設置vpn l2tp遠程訪問外部地址xxx.xxx.xxx.xx

對於DHCP:設置vpn l2tp遠程訪問dhcp介面eth0

對於帶PPPOE的動態DNS:設置vpn l2tp遠程訪問外部地址0.0.0.0

步驟7:保存設置
承諾;保存;出口

要了解有關EdgeRouters和Ubiquiti產品的更多信息-http://www.ubnt.com

請分享此視頻-https://youtu.be/nSYmcaOMM7Y
亞馬遜會員鏈接:
EdgeRouter X-http://amzn.to/2kTFTUI

EdgeRouter X SFP-http://amzn.to/2C6cDpe

EdgeRouter Lite-http://amzn.to/2zImOKo

Ubiquiti雲密鑰-http://amzn.to/2CRIXIo

Unifi 8埠60W交換機-http://amzn.to/2CTmLO5

UAP-AP-Lite-http://amzn.to/2C4OAXP

免責聲明:
我參加了亞馬遜會員計劃。使用我的Amazon Affiliate鏈接購買時,價格不變。您支付相同的費用,但我確實得到了傭金的一小部分。這有助於頻道繼續創建內容。

該視頻中使用的所有圖像都是我自己的。音樂「是」來自YouTube的免費音樂庫。是的,Audionautix的是根據知識共享署名許可(https://creativecommons.org/licenses / …)許可的
歌手:http://audionautix.com/。

關於托尼:
我是32歲的退休教育者。我最初是一名樂器音樂老師,後來發展為技術支持。在為教師和學生提供多年技術支持之後,我職業生涯的最後十年,我擔任技術協調員和技術主管的領導職務。我一直熱衷於幫助人們。我希望繼續幫助我的YouTube社區中的人們。

話雖如此,我與邊緣路由器的製造商Ubiquiti Networks沒有任何關係,也沒有獲得製作此視頻的報酬。我購買了自己的邊緣路由器,以用於自己的家庭網路。

在以下位置聯繫Tony:
[email protected]

跟隨我:
Twitter @quiktechreview
臉書@quiktechsolutionsllc

希望您喜歡這個視頻。

問候!! 。

20 comments

  1. I have treed this on several Edge Routers it works perfectly connecting via windows (all versions) but on iOS just does not work. It's been a year of messing around and still no connection.

  6. Followed this amazing tutorial and managed to set up L2TP over IPsec VPN server on my ER-X-SFP without any trouble. I use my ddns.net as my server address. If I'm outside (not on my network), for example in McDonald's or Tim Hortons, using free WiFi, I can connect to my home router VPN, no problems at all, almost instantly. If I try to connect to it while I'm at home, on my home network, attempt is always unsuccessful. I really want to learn as to why that happens, and if there is any way to set it up differently so I can use my own VPN server at home too. Thank you so much in advance Tony!

  7. Hi Tony, great video! However, when I try to connect from Windows 10 using the built-in VPN client, I get "The connection was prevented because of a policy configured on your RAS/VPN server. Specifically, the authentication method used by the server to verify your username and password does not match…".

    However, I followed your instructions down to a T for both the server and client. The client is setup as L2TP/IPSec PSK. Are you aware of this error and what's causing it?

  9. Hey Tony,
    I updated my firmware and it broke my VPN which was setup following your instructions.
    Any chance you could update this for firmware version 2.0.3?
    I think what breaks is somewhere around step 6
    Thanks so much.
    Dave

  11. I have a new question about the firewall rules (IKE, L2TP …). When the rules are created, in the Advanced> State section you will find the options of: established, invalid, new and related. In my case, I do not have any of them marked, should I mark any of them? Which one would they be?

  12. I have no problem following the video to connect iphone to the home VPN, however I just can't get it to connect on Android device, anyone got the same problem?

  13. Great Video. I got everything setup except the Dynamic DNS. Are the following steps close to what I need to do. 1. Buy or get free DNS service from noip.com (or similar). 2. Under Services – DNS input the Dynamic DNS service (hostname, login, password etc). 3. Go to Firewall/NAT -> Port forward to forward the incoming connection?? To summarize, I don't know how to configure the Dynamic DNS on the Edge router to make it work with the VPN solution your describing. Thanks

  16. Great video and easy to set up no issues just followed the steps Thank you!! . I just have 1 question, I require 3 different users. One for me no problem but require 2 more (wife and son) is there any more configuration to do? Or just add the users via GUI ?

  17. DOES NOT WITH ANDROID.BECAUSE L2TP SECRECT NOT USED.
    REQUIRES PRE -SHARED KEY.
    TOTAL NEWBIE .IF INSTRUCTIONS DON'T WORK .TOTALLY USELESS TO ME.
    ANOTHER HOUR I HAVE WASTED IN MY LIFE …DO NOT WASTE YOUR TIME IF YOUR A ANDROID USER .ANDROID CLIENT DID NOT WORK FOR ME .

    APPLE ONLY TUTORIAL

  18. Hello
    I have a question for you and meby others. When i used that configuration of VPN. I can't see any computer in lan from remote network. How can i connect to my office and work with sql for example… Thakn you 🙂

  20. Thanks for this.

    I was troubleshooting a existing configuration. it seems these lines were missing:

    ipsec-interfaces {

    interface eth0

    }

    nat-networks {

    allowed-network xxx.xxx.xxx.xxx/xx {
    }

    }

    nat-traversal enable

    Interestingly, prior to adding the above lines, this was the Windows error code "Error Description: 809: The network connection between your computer and the VPN server could not be established because the remote server is not responding. This could be because one of the network devices (e.g, firewalls, NAT, routers, etc)"

    So the IPSec interface wasn't defined and NAT traversal wasn't enabled.

Comments are closed.