@konosukef
Created May 21, 2016 06:09
L2TP/IPsec RSA
# Secrets for authentication using CHAP
# client server secret IP addresses
username * password *
# ipsec.conf - strongSwan IPsec configuration file
config setup

conn l2tp
    left=%any
    leftprotoport=udp/l2tp
    leftid=vpn.example.com
    leftcert=vpn.example.com
    right=%any
    rightprotoport=udp/%any
    keyingtries=1
    keyexchange=ikev1
    type=transport
    auto=add
# This file holds shared secrets or RSA private keys for authentication.
# RSA private key for this host, authenticating it to any other host
# which knows the public part.
: RSA vpn.example.com.key
ms-dns 8.8.8.8
ms-dns 8.8.4.4
auth
crtscts
lock
mru 1280
mtu 1280
proxyarp
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
noccp
[global]
port = 1701
[lns default]
ip range = 10.10.0.2-10.10.0.254
local ip = 10.10.0.1
length bit = yes
refuse pap = yes
refuse chap = yes
require authentication = yes
name = l2tp
pppoptfile = /etc/ppp/options.l2tpd.lns