至於為什麼需要搭建L2TP服務,這個大家都懂。先說一下為什麼不用PPTP去科學上網,我用VPS搭建了一套
shadowsocks + PPTP
的服務。
shadowsocks
主要是用在電腦端科學上網的。由於ios上沒辦法用
shadowsocks
,所以搭建了
PPTP
服務。
shadowsock for ios 是收費的。如果想不收費的話,要麼越獄,要麼想其他辦法。當然android不收費可以隨便用。
起初一切正常,速度都還挺滿意。後來朋友也需要這種
特殊服務
,那我就提供啦!但是發現,在他的辦公環境下,沒辦法用公司網絡通過
PPTP
去科學上網。怎麼辦呢?搭建一個
L2TP
服務,用的是這位大大的DearTanker’s 一鍵安裝。步驟應該是這樣的:
[code]#每行我用'>'去區分,注意粘貼
> wget --no-check-certificatehttps://raw.githubusercontent.com/teddysun/across/master/l2tp.sh > chmod +x l2tp.sh
> ./l2tp.sh
然後你要做的就是稍等!片刻後就大功告成!
當然如果有遇到這種錯誤的,也不要著急!
[code]iptables: Setting chains to policy ACCEPT: nat filter [ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
iptables: Applying firewall rules: [ OK ]
ipsec_setup: Openswan IPsec apparently already active, start aborted
Starting xl2tpd:
Please wait a moment...
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Linux Openswan U2.6.24/K2.6.32-573.8.1.el6.i686 (netkey)
Checking for IPsec support in kernel [OK]
Hardware RNG detected, testing if used properly [FAILED]
Hardware RNG detected, testing if used properly [FAILED]
Hardware RNG is present but 'rngd' or 'clrngd' is not running.
No harware random used!
NETKEY detected, testing for disabled ICMP send_redirects [OK]
NETKEY detected, testing for disabled ICMP accept_redirects [OK]
Checking for RSA private key (/etc/ipsec.secrets) [OK]
Checking that pluto is running [OK]
Pluto listening for IKE on udp 500 [OK]
Pluto listening for NAT-T on udp 4500 [OK]
Checking for 'ip' command [OK]
Checking for 'iptables' command [OK]
Opportunistic Encryption Support [DISABLED]
執行下面的shell去修復:
[code]#每行我用'>'去區分,注意粘貼
> yum install rng-tools
> vim /etc/sysconfig/rngd
> EXTRAOPTIONS="-r /dev/urandom"
> chkconfig rngd on
> service rngd restart
好了之後,去驗證一下:
[code]#每行我用'>'去區分,注意粘貼
> ipsec setup restart
> xl2tpd -D
> ipsec verify
至此,完成。
