PPTP-L2TP-IPSec-VPN-auto-installation-script-for-CentOS-7 这脚本好像不支持阿里云？

我在阿里云的主机上安装这脚本，好像没用。vpn完全连不上。用秋水大神的脚本就完全没有问题，不过他的脚本只有l2tp.

Aug 24 '17 13:08 fyhong

我今天折腾了一天，确实不行。 /var/log/secure日志里面看起来是建立了连接，然后客户端马上就断了。

Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #2: STATE_QUICK_R2: IPsec SA established transport mode {ESP/NAT=>0x0848e070 <0xf270bc91 xfrm=AES_256-HMAC_SHA1 NATOA=192.168.0.105 NATD=118.112.40.33:4500 DPD=active} Apr 20 20:52:07 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #1: received Delete SA(0x0848e070) payload: deleting IPSEC State #2

Apr 20 20:52:05 lawrence pluto[2449]: "L2TP-PSK-NAT"[1] 118.112.40.33 #1: responding to Main Mode from unknown peer 118.112.40.33 Apr 20 20:52:05 lawrence pluto[2449]: "L2TP-PSK-NAT"[1] 118.112.40.33 #1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 Apr 20 20:52:05 lawrence pluto[2449]: "L2TP-PSK-NAT"[1] 118.112.40.33 #1: STATE_MAIN_R1: sent MR1, expecting MI2 Apr 20 20:52:05 lawrence pluto[2449]: "L2TP-PSK-NAT"[1] 118.112.40.33 #1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 Apr 20 20:52:05 lawrence pluto[2449]: "L2TP-PSK-NAT"[1] 118.112.40.33 #1: STATE_MAIN_R2: sent MR2, expecting MI3 Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[1] 118.112.40.33 #1: ignoring informational payload IPSEC_INITIAL_CONTACT, msgid=00000000, length=28 Apr 20 20:52:06 lawrence pluto[2449]: | ISAKMP Notification Payload Apr 20 20:52:06 lawrence pluto[2449]: | 00 00 00 1c 00 00 00 01 01 10 60 02 Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[1] 118.112.40.33 #1: Main mode peer ID is ID_IPV4_ADDR: '192.168.0.105' Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[1] 118.112.40.33 #1: switched from "L2TP-PSK-NAT"[1] 118.112.40.33 to "L2TP-PSK-NAT" Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #1: deleting connection "L2TP-PSK-NAT"[1] 118.112.40.33 instance with peer 118.112.40.33 {isakmp=#0/ipsec=#0} Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #1: new NAT mapping for #1, was 118.112.40.33:500, now 118.112.40.33:4500 Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #1: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=PRESHARED_KEY cipher=aes_256 integ=sha2_256 group=MODP2048} Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #1: the peer proposed: 47.52.136.162/32:17/1701 -> 192.168.0.105/32:17/0 Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #1: NAT-Traversal: received 2 NAT-OA. Using first, ignoring others Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #2: responding to Quick Mode proposal {msgid:f943fd3d} Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #2: us: 172.31.162.138<172.31.162.138>:17/1701 Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #2: them: 118.112.40.33[192.168.0.105]:17/54806===192.168.0.105/32 Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #2: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #2: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 transport mode {ESP/NAT=>0x0848e070 <0xf270bc91 xfrm=AES_256-HMAC_SHA1 NATOA=192.168.0.105 NATD=118.112.40.33:4500 DPD=active} Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #2: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #2: STATE_QUICK_R2: IPsec SA established transport mode {ESP/NAT=>0x0848e070 <0xf270bc91 xfrm=AES_256-HMAC_SHA1 NATOA=192.168.0.105 NATD=118.112.40.33:4500 DPD=active} Apr 20 20:52:07 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #1: received Delete SA(0x0848e070) payload: deleting IPSEC State #2 Apr 20 20:52:07 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #1: deleting other state #2 (STATE_QUICK_R2) "L2TP-PSK-NAT"[2] 118.112.40.33 Apr 20 20:52:07 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #1: ESP traffic information: in=113B out=96B Apr 20 20:52:07 lawrence pluto[2449]: "L2TP-PSK-NAT" #1: deleting state (STATE_MAIN_R3) Apr 20 20:52:07 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33: deleting connection "L2TP-PSK-NAT"[2] 118.112.40.33 instance with peer 118.112.40.33 {isakmp=#0/ipsec=#0} Apr 20 20:52:07 lawrence pluto[2449]: packet from 118.112.40.33:4500: received and ignored empty informational notification payload

Apr 20 '18 13:04 onlyforcloud

@fyhong 非常感谢你，我去查了秋水的脚本，果然可以。我一个运维大神同事对比两套脚本，唯一的不同，是第二个脚本开头把SELINUX禁用了，其余都一样。秋水脚本： wget --no-check-certificate https://raw.githubusercontent.com/teddysun/across/master/l2tp.sh

Apr 20 '18 13:04 onlyforcloud

好用：https://raw.githubusercontent.com/teddysun/across/master/l2tp.sh

Sep 24 '19 10:09 lihua123569

PPTP-L2TP-IPSec-VPN-auto-installation-script-for-CentOS-7 PPTP-L2TP-IPSec-VPN-auto-installation-script-for-CentOS-7 copied to clipboard

这脚本好像不支持阿里云？

PPTP-L2TP-IPSec-VPN-auto-installation-script-for-CentOS-7
PPTP-L2TP-IPSec-VPN-auto-installation-script-for-CentOS-7 copied to clipboard