setup-ipsec-vpn/docs/manage-users.md
hwdsl2 0c8f117fd9 Update docs
[ci skip]
2017-01-21 12:13:27 -06:00

Manage VPN Users

Read this in other languages: English, 简体中文.

By default, a single user account for VPN login is created. If you wish to add, edit or remove users, read this document.

First, the IPsec PSK (pre-shared key) is stored in /etc/ipsec.secrets. To change to a new PSK, just edit this file.

<VPN Server IP>  %any  : PSK "<VPN IPsec PSK>"

For IPsec/L2TP, VPN users are specified in /etc/ppp/chap-secrets. The format of this file is:

"<VPN User 1>"  l2tpd  "<VPN Password 1>"  *
"<VPN User 2>"  l2tpd  "<VPN Password 2>"  *
... ...

You can add more users; use one line for each user. DO NOT use these characters within values: \ " '

For IPsec/XAuth ("Cisco IPsec"), VPN users are specified in /etc/ipsec.d/passwd. The format of this file is:

<VPN User 1>:<VPN Password 1 (hashed)>:xauth-psk
<VPN User 2>:<VPN Password 2 (hashed)>:xauth-psk
... ...

Passwords in this file are salted and hashed. This step can be done using e.g. the openssl utility:

# The output will be <VPN Password 1 (hashed)>
openssl passwd -1 "<VPN Password 1>"
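
The two file formats above combined in one helper, as an added example that is not part of the original document or the project's own scripts: it checks values against the forbidden characters, hashes the password with `openssl passwd -1` (fed on stdin), and appends one entry to each file. The function names, the `:` check, the duplicate check and the `chmod 600` step are assumptions of this example.

```bash
#!/bin/bash
# Added example (not from the project): append one user to both files.
# Paths default to those named above; override them to test on scratch copies.
CHAP_FILE="${CHAP_FILE:-/etc/ppp/chap-secrets}"
XAUTH_FILE="${XAUTH_FILE:-/etc/ipsec.d/passwd}"

# Reject empty values and the characters the page forbids: \ " '
valid_value() {
  case "$1" in
    '' | *\\* | *\"* | *\'*) return 1 ;;
  esac
  return 0
}

# IPsec/L2TP entry: "<user>"  l2tpd  "<password>"  *
chap_line() {
  printf '"%s"  l2tpd  "%s"  *\n' "$1" "$2"
}

# IPsec/XAuth entry: <user>:<hash>:xauth-psk
# The password goes to openssl on stdin so it never appears in the process list.
xauth_line() {
  local hash
  hash=$(printf '%s\n' "$2" | openssl passwd -1 -stdin) || return 1
  [ -n "$hash" ] || return 1
  printf '%s:%s:xauth-psk\n' "$1" "$hash"
}

add_vpn_user() {
  local user="$1" pass="$2" entry
  if ! valid_value "$user" || ! valid_value "$pass"; then
    echo "error: empty value or forbidden character" >&2; return 1
  fi
  # Extra check (an assumption of this example): ':' is the field separator
  # in the XAuth file, so a user name containing it would corrupt the entry.
  case "$user" in *:*) echo "error: ':' in user name" >&2; return 1 ;; esac
  # Refuse duplicates instead of silently adding a second line for one user.
  if awk -F: -v u="$user" '$1 == u { f = 1 } END { exit !f }' "$XAUTH_FILE" 2>/dev/null; then
    echo "error: user already exists" >&2; return 1
  fi
  entry=$(xauth_line "$user" "$pass") || return 1   # hash first, then write both
  chap_line "$user" "$pass" >> "$CHAP_FILE"
  printf '%s\n' "$entry" >> "$XAUTH_FILE"
  chmod 600 "$CHAP_FILE" "$XAUTH_FILE"   # both files hold credentials
}

# Usage (as root): add_vpn_user 'alice' 'constructed-sample-password'
```
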

When finished making changes, reboot your server.