across/docker/l2tp/README.md
Teddysun 890f0473c0
Added L2TP/IPSec VPN Server Docker Image
Signed-off-by: Teddysun <i@teddysun.com>
2018-06-30 15:54:13 +09:00


## L2TP/IPsec VPN Server Docker Image by Teddysun
Docker image to run an L2TP/IPsec VPN server, with both `L2TP/IPsec PSK` and `IPSec Xauth PSK`.
Based on Debian 9 (Stretch) with the latest libreswan (IPsec VPN software) and xl2tpd (L2TP daemon).
Docker images are built for quick deployment on various cloud computing providers.
For more information on Docker and containerization technologies, refer to the [official documentation][1].
## Prepare the host
If you need to install Docker yourself, follow the [official installation guide][2].
## Pull the image
```bash
$ docker pull teddysun/l2tp
```
This pulls the latest release of the `teddysun/l2tp` image.
It can be found at [Docker Hub][3].
## Start a container
You **must first create an environment file** `/etc/l2tp.env` on the host. Sample values are below:
```
VPN_IPSEC_PSK=teddysun.com
VPN_USER=vpnuser
VPN_PASSWORD=vpnpassword
VPN_PUBLIC_IP=
VPN_L2TP_NET=
VPN_L2TP_LOCAL=
VPN_L2TP_REMOTE=
VPN_XAUTH_NET=
VPN_XAUTH_REMOTE=
VPN_DNS1=
VPN_DNS2=
```
This will create a default user account for L2TP/IPsec VPN login, which can be used by **multiple devices**.
The IPSec PSK (pre-shared key) is specified by the `VPN_IPSEC_PSK` environment variable.
The username is specified in the `VPN_USER` environment variable,
and the password is specified in the `VPN_PASSWORD` environment variable.
If your VPS has multiple public IP addresses, you may need to specify the public IP in the `VPN_PUBLIC_IP` environment variable.
Here is an example of starting a container:
```bash
$ docker run -d --privileged -p 500:500/udp -p 4500:4500/udp --name l2tp --env-file /etc/l2tp.env -v /lib/modules:/lib/modules teddysun/l2tp
```
**Note**: UDP ports `500` and `4500` must be open in the firewall.
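
The values in the sample environment file are published in this README, so a deployed `/etc/l2tp.env` should hold generated secrets and be readable only by its owner. The script below is an added example, not part of the original image or README: it writes such a file and audits an existing one. The function names and the 20-character minimum are assumptions.

```bash
#!/usr/bin/env bash
# Added example: generate and audit the env file passed to `docker run --env-file`.
# Function names and the 20-character minimum are assumptions, not part of the image.

# rand_secret LEN: LEN random characters from [A-Za-z0-9]. Docker reads env-file
# values literally (no quote or escape handling), so plain alphanumerics are safest.
rand_secret() {
    LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c "$1"
}

# write_l2tp_env FILE USER: write FILE with a fresh PSK and password, mode 0600.
write_l2tp_env() {
    local file="$1" user="$2"
    ( umask 077
      {
          printf 'VPN_IPSEC_PSK=%s\n' "$(rand_secret 32)"
          printf 'VPN_USER=%s\n' "$user"
          printf 'VPN_PASSWORD=%s\n' "$(rand_secret 24)"
      } > "$file" )
    chmod 600 "$file"    # umask does not tighten a file that already existed
}

# audit_l2tp_env FILE: print one finding per line; return 1 if there are any.
audit_l2tp_env() {
    local file="$1" rc=0 seen=0 key val mode
    mode=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")
    case $mode in
        *00) ;;    # no group or other access
        *) echo "perm: $file is mode $mode, expected 600"; rc=1 ;;
    esac
    while IFS='=' read -r key val; do
        case $key in
            VPN_IPSEC_PSK|VPN_PASSWORD)
                seen=$((seen + 1))
                case $val in
                    teddysun.com|vpnpassword)
                        echo "default: $key is the README sample value"; rc=1 ;;
                esac
                [ "${#val}" -ge 20 ] || { echo "short: $key has ${#val} characters"; rc=1; }
                ;;
        esac
    done < "$file"
    [ "$seen" -eq 2 ] || { echo "missing: VPN_IPSEC_PSK or VPN_PASSWORD not set"; rc=1; }
    return "$rc"
}
```

Run `write_l2tp_env /etc/l2tp.env vpnuser` before starting the container, and `audit_l2tp_env /etc/l2tp.env` to check a file that already exists.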
## Check container details
If you want to view the container logs:
```bash
$ docker logs l2tp
```
The log output looks like this:
```
L2TP/IPsec VPN Server with the Username and Password is below:
Server IP: Your Server public IP
IPSec PSK: IPSec PSK (pre-shared key)
Username : VPN username
Password : VPN password
Redirecting to: /etc/init.d/ipsec start
Starting pluto IKE daemon for IPsec: Initializing NSS database
xl2tpd[1]: Not looking for kernel SAref support.
xl2tpd[1]: Using l2tp kernel support.
xl2tpd[1]: xl2tpd version xl2tpd-1.3.12 started on 1d20eaecd9f2 PID:1
xl2tpd[1]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
xl2tpd[1]: Forked by Scott Balmos and David Stipp, (C) 2001
xl2tpd[1]: Inherited by Jeff McAdams, (C) 2002
xl2tpd[1]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016
xl2tpd[1]: Listening on IP address 0.0.0.0, port 1701
```
To check the status of your L2TP/IPSec VPN server, run `ipsec status` inside the container:
```bash
$ docker exec -it l2tp ipsec status
```
## Manage VPN Users
To add, modify or remove user accounts, use the commands below:
### List all users
```bash
$ docker exec -it l2tp l2tpctl -l
```
### Add a user
```bash
$ docker exec -it l2tp l2tpctl -a
```
### Delete a user
```bash
$ docker exec -it l2tp l2tpctl -d
```
### Modify a user password
```bash
$ docker exec -it l2tp l2tpctl -m
```
### Print help information
```bash
$ docker exec -it l2tp l2tpctl -h
```
[1]: https://docs.docker.com/
[2]: https://docs.docker.com/install/
[3]: https://hub.docker.com/r/teddysun/l2tp/