VPN

ipsec XAUTH (with xl2tpd, openswan)

CHOMAN 2015. 6. 12. 12:00

ipsec xauth ipsec.conf

: 현재 ipsec xauth는 설정되지 않음


  # Global pluto (IKE daemon) settings for the Openswan L2TP/IPsec server.
  # NOTE(review): in a real ipsec.conf the section header starts in column 0 and
  # the parameters follow contiguously; the leading spaces and the blank lines
  # between parameters here look like a page-rendering artifact. Confirm against
  # ipsec.conf(5) before copying.
  config setup

    # Send pluto's stderr log to this file. Restrict who can read it.
    plutostderrlog=/var/log/ipsec.log

    # Full debug logging. Useful while troubleshooting, but very verbose and it
    # can write negotiation details into the log; set to none once the tunnel works.
    plutodebug=all

    # Enable NAT traversal so that clients behind NAT can connect.
    nat_traversal=yes

    # Address ranges accepted as client-side private subnets (used by vhost:%priv).
    # The "!" entry excludes 10.152.2.0/24, presumably the server-side LAN; verify
    # that it matches the real internal network.
    virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!10.152.2.0/24

    # Opportunistic encryption disabled.
    oe=off

    # Use the kernel's native NETKEY IPsec stack.
    protostack=netkey

    # Do not drop an existing connection when another peer presents the same ID,
    # so several clients can share an identity (e.g. behind one NAT).
    uniqueids=no


# L2TP/IPsec for clients behind NAT; inherits everything else from L2TP-PSK-noNAT.
conn L2TP-PSK-NAT

    # Accept the client's private (NATed) address as its subnet, limited to the
    # ranges listed in virtual_private in "config setup".
    rightsubnet=vhost:%priv

    # Pull in all parameters of the conn below.
    also=L2TP-PSK-noNAT


# Base L2TP/IPsec connection: IKEv1 with a pre-shared key, ESP in transport mode
# protecting UDP/1701 (L2TP) between the server (left) and any client (right).
conn L2TP-PSK-noNAT

    # Pre-shared-key authentication. With right=%any the same PSK is shared by
    # every client, so anyone who knows it can also pose as the server; prefer
    # certificates where clients support them, and use a long random PSK otherwise.
    authby=secret

    # Perfect forward secrecy off for phase 2. Often set for L2TP client
    # compatibility; enable it if all clients support PFS.
    pfs=no

    # Load the connection at startup and wait for clients; do not initiate.
    auto=add

    keyingtries=3

    # Never start rekeying from the server side; the client is expected to rekey.
    rekey=no

    # Dead peer detection: probe every 30 s, give up after 120 s, then clear the SA.
    dpddelay=30

    dpdtimeout=120

    dpdaction=clear

    # IKE (phase 1) SA lifetime and IPsec (phase 2) SA lifetime.
    ikelifetime=8h

    keylife=1h

    # Transport mode: L2TP supplies the tunnel, IPsec only protects it.
    type=transport

    # Server's public address as published on the page; replace with your own.
    left=211.234.6.29

    # Protect only UDP (protocol 17) port 1701 on the server side.
    leftprotoport=17/1701

    # Accept clients from any address and any UDP source port.
    right=%any

    rightprotoport=17/%any

    # Always encapsulate ESP in UDP, even when no NAT is detected.
    forceencaps=yes


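# IKEv1 PSK + XAUTH connection (the page notes that XAUTH is not working yet).
# Fix applied: the original set "right" twice (%defaultroute, then %any). A
# duplicate key is parser-dependent, and %defaultroute would point the peer at
# the server's own route, so only right=%any is kept for roadwarrior clients.
conn IPSEC-XAUTH-NAT

    # Never start rekeying from the server side.
    rekey=no

    # Perfect forward secrecy off for phase 2; enable if all clients support it.
    pfs=no

    # NOTE(review): XAUTH clients usually negotiate tunnel mode with an assigned
    # address; transport mode here is copied from the L2TP conn. Confirm.
    type=transport

    # Main mode only. Keep aggressive mode off: with a PSK it exposes a hash
    # that can be attacked offline.
    aggrmode=no

    # Group pre-shared key; the per-user XAUTH login is the only individual factor.
    authby=secret

    # Load at startup and wait for clients.
    auto=add

    keyingtries=3

    # Dead peer detection: probe every 30 s, give up after 120 s, then clear the SA.
    dpddelay=30

    dpdtimeout=120

    dpdaction=clear

    ikelifetime=8h

    keylife=1h

    keyexchange=ike

    # Phase-1 proposal: AES, SHA-1, 1024-bit MODP (DH group 2). The 1024-bit group
    # and SHA-1 are weak by current standards; move to at least modp2048 and a
    # SHA-2 hash once the clients in use are known to support them.
    ike=aes-sha1-modp1024

    # Server's public address as published on the page; replace with your own.
    left=211.234.6.29

    # NOTE(review): any UDP port here, while the L2TP conn pins 17/1701. Confirm
    # which traffic this conn is meant to protect.
    leftprotoport=17/%any

    # The server side asks the client for XAUTH credentials.
    leftxauthserver=yes

    # NOTE(review): an XAUTH user name is normally set on the client side, not on
    # the XAUTH server; this line may have no effect here. Confirm.
    leftxauthusername=smileman

    rightprotoport=17/%any

    # The remote peer answers the XAUTH request.
    rightxauthclient=yes

    # Accept clients from any address.
    right=%any

    # Always encapsulate ESP in UDP, even when no NAT is detected.
    forceencaps=yes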


/etc/ppp/options.xl2tpd

# pppd options used by xl2tpd for each L2TP session.
# NOTE(review): the refuse-* options only stop pppd from authenticating ITSELF
# with MS-CHAP; they do not restrict what the client may use. "auth" below
# demands authentication but no require-* option pins the protocol, so pppd can
# fall back to weaker methods such as PAP. Consider require-mschap-v2 (or
# require-chap) if the clients support it.
refuse-mschap-v2

refuse-mschap

# DNS servers handed to Microsoft-style clients.
ms-dns 8.8.8.8

ms-dns 8.8.4.4

asyncmap 0

# Require the peer to authenticate before any network traffic is allowed.
auth

# Hardware flow control and modem-control handling; both relate to serial lines.
crtscts

# Disconnect after 1800 s without traffic.
idle 1800

# Reduced MTU/MRU leaves room for the L2TP, IPsec and UDP encapsulation overhead.
mtu 1200

mru 1200

lock

# Keep PAP password contents out of the logs.
hide-password

local

# Local name used for authentication; it must match the server field in the
# PPP secrets file.
name l2tpd

# Answer ARP for the client's address on the server's LAN.
proxyarp

# Send an LCP echo every 30 s and drop the link after 4 unanswered echoes.
lcp-echo-interval 30

lcp-echo-failure 4 



/etc/ipsec.secrets

# Secrets for pluto. This file must be owned by root and unreadable by other
# users (mode 600), and must stay out of version control and public posts.
# The quoted values below are the page's sample secrets: short, dictionary-like,
# and identical for the PSK and the XAUTH password. Replace them with a long
# random PSK and a separate password per user.
include /etc/ipsec.d/*.secrets

# PSK between the server address and any peer.
211.234.6.29 %any: PSK "smile1234"

# XAUTH password for user "smileman".
# NOTE(review): as far as I know, Openswan reads this entry form on the XAUTH
# client side; the XAUTH server checks users through PAM or /etc/ipsec.d/passwd.
# Confirm, since the page says XAUTH is not working yet.
@smileman : XAUTH "smile1234"

# NOTE(review): appears to overlap with the "211.234.6.29 %any" entry above;
# one PSK entry should be enough. Confirm which one pluto selects.
211.234.6.29 : PSK "smile1234" 




END