Ubuntu 10.04 安装 VPN 安全才能回家 :-)
企业 Cisco VPN 安装与配置使用
基本步骤
整体分为多步:
- 在企业中申请VPN
- 安装Cisco VPN客户端,本文针对Cisco AnyConnect VPN
重启系统
开始调试了半天, 最后发现需要重新启动系统. 估计是涉及到驱动程序了需要重新load
添加VPN
- 配置VPN
- 点击连接,输入username&password
- 添加特定IP的路由
- Connect & Use
具体使用
建议使用命令模式, 这样可以通过不同设备有选择性的访问网络.
图示
命令行模式
# Connect to server by openconnect
sudo openconnect -u xxxx.xxx vpn.xxx-inc.com
# In other terminal
# list the network interface
ifconfig
# Add route for ip connect
# route: connect to 10.x.x.x with tun0 device
sudo route add -net 10.0.0.0 netmask 255.0.0.0 dev tun0
P2P VPN
Ubuntu 需要设置个把属性: 需要让PPTP拒绝EAP验证,而这个设置在VPN设置栏中没有。 需要通过手工进行处理:
- 打开gconf-editor
- 进入到 /system/networking/connections
- 查看并找到VPN文件夹
- 添加新的键值
- Name: refuse-eap
- Type: string
- Value: yes
- 保存、退出并重新连接
日志信息,从错误到成功:
pppd[5094]: pppd 2.4.5 started by root, uid 0
pppd[5094]: Using interface ppp0
pppd[5094]: Connect: ppp0 <--> /dev/pts/2
pppd[5094]: LCP terminated by peer (WM--^Al^@<M-Mt^@^@^CM-")
pppd[5094]: Connection terminated.
pppd[5094]: Modem hangup
pppd[5094]: Exit.
pppd[5238]: Plugin /usr/lib/pppd/2.4.5//nm-pptp-pppd-plugin.so loaded.
pppd[5238]: pppd 2.4.5 started by root, uid 0
pppd[5238]: Using interface ppp0
pppd[5238]: Connect: ppp0 <--> /dev/pts/2
pppd[5238]: LCP: timeout sending Config-Requests
pppd[5238]: Connection terminated.
pppd[5238]: Modem hangup
pppd[5238]: Exit.
pppd[5427]: Plugin /usr/lib/pppd/2.4.5//nm-pptp-pppd-plugin.so loaded.
pppd[5427]: pppd 2.4.5 started by root, uid 0
pppd[5427]: Using interface ppp0
pppd[5427]: Connect: ppp0 <--> /dev/pts/2
pppd[5427]: CHAP authentication succeeded
kernel: [20287.732748] PPP BSD Compression module registered
kernel: [20287.768881] PPP Deflate Compression module registered
pppd[5427]: local IP address 172.0.0.18
pppd[5427]: remote IP address 172.0.0.1
pppd[5427]: primary DNS address 20x.1x5.xxx.xxx
pppd[5427]: secondary DNS address 20x.1x5.xxx.xxx
另外就是如果前端有个不怎么给力的路由器,请设置DMZ主机为后端VPN使用的PC机。
创建@
2014-01-04
最后修改@
2014-01-04