CrownCloud Wiki

CrownCloud - Internet Services

User Tools

Site Tools


l2tp_setup_on_ubuntu_and_centos_openvz_based_vpses

This is an automated install to setup a L2TP VPN on OpenVZ based VPSes. This may or may not work on KVM based VPSes.

Firstly, run these commands to install prerequisites:

For Ubuntu:

apt-get install nano -y

For CentOS:

yum install nano -y

Next, you will need to download and run the script:

wget --no-check-certificate https://raw.githubusercontent.com/quericy/one-key-ikev2-vpn/master/one-key-ikev2.sh
chmod +x one-key-ikev2.sh
bash one-key-ikev2.sh

When you are prompted, select if you have an OpenVZ or KVM server. (Press 1 then enter for OpenVZ, or press 2 and enter for KVM)

please choose the type of your VPS(Xen、KVM: 1  ,  OpenVZ: 2):
your choice(1 or 2):

Leave this at default, and press enter.

please input the ip (or domain) of your VPS:
ip or domain(default_value:YOUR_IP_HERE):

These can be left as default, press enter through each one.

C(default value:com):
please input the cert organization(O):
O(default value:myvpn):
please input the cert common name(CN):
CN(default value:VPN CA):
####################################
Please confirm the information:

the type of your server: [OpenVZ]
the ip(or domain) of your server: [YOUR_IP_HERE]
the cert_info:[C=com, O=myvpn]
Press any key to start...or Press Ctrl+C to cancel

You can either select a password during this process, or leave it blank. Leave SNAT at the default value, and press enter.

ca.pem [auto create]
auto create ca.pem ...
ca.cert.pem [auto create]
auto create ca.cert.pem ...
configure the pkcs12 cert password(Can be empty):
Enter Export Password:
Verifying - Enter Export Password:
####################################
Press any key to install ikev2 VPN cert
Use SNAT could implove the speed,but your server MUST have static ip address.
yes or no?(default_value:no):

This should be set at venet0 for an OpenVZ VPS or eth0 for a KVM VPS.

Network card interface(default_value:venet0):

Note that your shared key would be myPSKKey.

#############################################################
#
# [Install Complete]
# There is the default login info of your VPN
# UserName: myUserName
# PassWord: myUserPass
# PSK: myPSKkey
# you can change UserName and PassWord in /usr/local/etc/ipsec.secrets
# you must copy the cert  /root/my_key/ca.cert.pem  to the client and install it.
#
#############################################################

To change the password run:

nano /usr/local/etc/ipsec.secrets

Change MyUserName and myUserPass, to what you want your username and password to be, and press CTRL +X, y and then enter to exit nano.

myUserName %any : EAP "myUserPass"

After this is finished, you will have a fully functional L2TP VPN running on Ubuntu or CentOS.

l2tp_setup_on_ubuntu_and_centos_openvz_based_vpses.txt · Last modified: 2016/08/17 16:35 by jordan