Diff for /wikisrc/tutorials/how_to_create_an_l2tp_ipsec_tunnel_between_an_android_or_iphone_or_ios_device_to_netbsd.mdwn between versions 1.5 and 1.6

version 1.5, 2013/07/04 16:31:48 version 1.6, 2013/07/04 16:35:26
Line 13  for up to 9 simultaneous tunnels. We wil Line 13  for up to 9 simultaneous tunnels. We wil
   
 ## Configuration files  ## Configuration files
   
 All the configuration files except the firewall rules are provided as part of the xl2tp package, copy them in the right places. in ipsec.conf change @LOCAL_ADDRESS@ to your external address 1.2.3.4. Set the key in /etc/racoon/psk.txt (this will be your secret). Set the username and passwd in /etc/ppp/chap-secrets. Enable ipsec, racoon and xl2tpd in rc.conf. You'll need to include all the ppp interfaces in your firewall config file to allow traffic to and from them. I use npf, and I've automated this using /etc/ppp/ip-up file to generate my npf.conf file dynamically from the list of active interfaces and use npf reload to reload the rules. The npf file I am using is in /usr/share/examples/npf/l2tp_gw-npf.conf.  All the configuration files except the firewall rules are provided as part of the xl2tp package, copy them in the right places. in ipsec.conf change @LOCAL_ADDRESS@ to your external address 1.2.3.4. Set the key in /etc/racoon/psk.txt (this will be your secret). Set the username and passwd in /etc/ppp/chap-secrets. Enable ipsec, racoon and xl2tpd in rc.conf. You'll need to include all the ppp interfaces in your firewall config file to allow traffic to and from them. I use npf, and I've automated this using /etc/ppp/ip-up file to generate my npf.conf file dynamically from the list of active interfaces and use npfctl reload /tmp/npf.conf to reload the rules. The npf file I am using is in /usr/share/examples/npf/l2tp_gw-npf.conf.
   
 To debug problems you can use tcpdump on the external, internal, ppp interfaces, and npflog device.   To debug problems you can use tcpdump on the external, internal, ppp interfaces, and npflog device. 
   
 ## Sample messages output.  ## Sample messages output.
   
 This is aggressive mode (iOS); the iPhone uses main mode.  This is aggressive mode (OS/X); the iPhone (iOS) uses main mode.
   
      racoon: INFO: respond new phase 1 negotiation: 1.2.3.4[500]<=>5.6.7.8[500]       racoon: INFO: respond new phase 1 negotiation: 1.2.3.4[500]<=>5.6.7.8[500]
      racoon: INFO: begin Aggressive mode.       racoon: INFO: begin Aggressive mode.
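Review bot: the reload command added to the "Configuration files" paragraph, "npfctl reload /tmp/npf.conf", loads the ruleset from a fixed file name in /tmp, while the same sentence still says only that the ip-up script generates "my npf.conf file", without saying where it is written. pppd runs /etc/ppp/ip-up as root, so a predictable file in a world-writable directory that ends up as the active firewall ruleset can be pre-created or symlinked by any local user. Suggest generating the file in a root-owned directory (or with mktemp) and naming that same path in both halves of the sentence. Style point on the "Sample messages output" line: Apple's spelling is "OS X", not "OS/X".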
