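#!/bin/bash
# IKEV2+IPSEC/L2TP+PPTP/Freeradius-Client install for CentOS
# Powered XiaoSang (i@sangsir.com)
# vpn.sh
#
# NOTE(review): this copy of the script was collapsed onto three physical
# lines and the middle of it was damaged beyond repair. Only the preamble,
# the two prompts and the start of the strongSwan build are restored as code
# below. The damaged remainder is summarised in comments and is NOT executed;
# one() fails explicitly at the point where the recoverable text ends.
#
# Security review notes (apply to the script as a whole):
#   * Everything runs as root, including a build from a downloaded tarball.
#   * PPTP (MS-CHAPv2) is cryptographically broken; prefer IKEv2 only.
#   * strongSwan 5.3.2 is an old release; check the project's current
#     release and security advisories before deploying it.

# Check if user is root
if [[ "$(id -u)" != "0" ]]; then
  echo "Error: You must be root to run this script, use sudo $0"
  exit 1
fi

#check if CentOS
if [[ ! -e '/etc/redhat-release' ]]; then
  echo 'Error: sorry, we currently support CentOS only'
  exit 1
fi

#######################################
# Print a horizontal separator line.
# Outputs: writes the separator to stdout
#######################################
function echoline {
  echo "========================================================================="
}

#######################################
# Prompt for the server address and interface, then download and configure
# the strongSwan source tree.
# Globals:
#   ip  (read/written) - server IP; prompted for while empty
#   eth (read/written) - server network interface; prompted for while empty
#   STRONGSWAN_SHA256 (read, optional) - expected SHA-256 of the tarball;
#     when set, the download is verified against it before unpacking
# Returns:
#   1 always in this copy: either a step failed, or the recoverable part of
#   the function ended (see the note at the bottom of the body).
#######################################
function one {
  local tarball="strongswan-5.3.2.tar.gz"

  #config ip
  # NOTE(review): the value is not validated here; the lost part of the
  # script presumably wrote it into config files and firewall rules, so it
  # should be checked against an IP-address pattern before use.
  while [[ "${ip}" = "" ]]; do
    # -r keeps backslashes literal; bail out on EOF instead of looping forever
    read -r -p "Server ip: " ip || return 1
    if [[ "${ip}" = "" ]]; then
      echo "Error: Server ip Can't be empty!!"
    fi
  done

  #config eth
  while [[ "${eth}" = "" ]]; do
    read -r -p "Server eth: " eth || return 1
    if [[ "${eth}" = "" ]]; then
      echo "Error: Server eth Can't be empty!!"
    fi
  done

  #install IKEV2+IPSEC
  cd ~ || return 1
  # NOTE(review): this upgrades every installed package, not just build deps.
  yum -y update
  yum -y install wget
  yum -y install pam-devel openssl-devel make gcc

  # The original fetched this tarball over plain http:// with no integrity
  # check and then built it as root. Use TLS and, when a digest is supplied,
  # verify it; the digest must come from the upstream release announcement.
  wget "https://download.strongswan.org/${tarball}" || return 1
  if [[ -n "${STRONGSWAN_SHA256:-}" ]]; then
    printf '%s  %s\n' "${STRONGSWAN_SHA256}" "${tarball}" \
      | sha256sum -c - || return 1
  else
    echo "Warning: STRONGSWAN_SHA256 not set; tarball integrity was not verified" >&2
  fi
  tar xzf "${tarball}" || return 1
  # The damaged text read "cd strongsw An-5.3.2"; the directory name is
  # taken from the tarball name above.
  cd strongswan-5.3.2 || return 1

  # Flags exactly as far as they are legible. The list appears truncated
  # (the config fragments below use eap-radius and xauth, which are not
  # enabled here) -- TODO confirm against an intact copy.
  # NOTE(review): EAP-MD5 offers no mutual authentication and is open to
  # offline dictionary attack; load-tester is a test plugin and has no place
  # in a production build.
  ./configure \
    --enable-eap-identity \
    --enable-eap-md5 \
    --enable-load-tester \
    --enable-eap-mschapv2 \
    --enable-eap-tls \
    --enable-eap-ttls \
    --enable-eap-peap \
    --enable-eap-tnc \
    --enable-eap-dynamic || return 1

  # ---------------------------------------------------------------------
  # Everything from here to the end of the function is unrecoverable in
  # this copy. Fragments that are still legible, in order of appearance:
  #
  #   PKCS#12 export arguments (presumably an `openssl pkcs12` call):
  #     -export -inkey client.pem -in client.cert.pem -name "client"
  #     -certfile ca.cert.pem -caname "FeiQuanVPN"
  #
  #   Lines echoed into /usr/local/etc/ipsec.conf:
  #     rightauth=psk, rightauth2=xauth, rightsourceip=10.31.2.0/27,
  #     right=%any, rightauth=eap-radius, rightsendcert=never
  #
  #   Lines echoed into /usr/local/etc/strongswan.conf
  #   (/etc/strongswan.conf is also mentioned):
  #     charon {, load_modular = yes, duplicheck.enable = no,
  #     auth_port = 1812, acct_port = 1813, preference = 99,
  #     nbns1 = 8.8.8.8, nbns2 = 8.8.4.4
  #
  #   Firewall: the numbers 500, 4500, 1723 and 1814, plus
  #     iptables -A INPUT -p TCP -m TCP --dport 1812 -j ACCEPT
  #   NOTE(review): a RADIUS *client* normally needs no inbound rule for
  #   1812, and RADIUS runs over UDP -- confirm what these rules were for.
  #
  #   /etc/xl2tpd/xl2tpd.conf: local IP = 10.31.1.1, require chap = yes
  #   /etc/ppp/options.xl2tpd: noccp, auth, crtscts
  #   /etc/ppp/options.pptpd:
  #     radius-config-file /usr/local/etc/radiusclient/radiusclient.conf
  #   sed -i 's/logwtmp/#logwtmp/g' /etc/pptpd.conf
  #   /etc/pptpd.conf: localip 10.31.1.1
  #
  #   The function ended with `cd ~`.
  #
  # NOTE(review): rightauth=psk with xauth means one pre-shared key for
  # all clients; anyone holding it can impersonate the gateway to others.
  # ---------------------------------------------------------------------
  echo "Error: remaining install steps are missing from this copy of vpn.sh" >&2
  return 1
}

clear
echo "IKEV2+IPSEC/L2TP+PPTP/Freeradius-Client install for CentOS"
# The menu that followed ("Please press" with options 1., 2., 3.) and its
# dispatch to one() and any sibling functions is not recoverable from this
# copy, so nothing is invoked here.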