подключение к провайдеру freedom (г. воронеж). ubuntu 10.04.03 и l2tp.

[sexy cowboy]

официальная инструкция: http://freedom-vrn.ru/support/l2tpuc.html

/etc/network/interfaces

Код: [Выделить]

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
address 10.5.23.253
netmask 255.255.255.192
gateway 10.5.23.193
up route add -net 10.0.0.0 netmask 255.0.0.0 gw 10.5.23.193
up route add -host 195.98.64.65 gw 10.5.23.193
up route add -host 195.98.64.66 gw 10.5.23.193
up route add -net 192.168.149.0/24 gw 10.5.23.193

xl2tp.conf

Код: [Выделить]

;
; Sample l2tpd configuration file
;
; This example file should give you some idea of how the options for l2tpd
; should work.  The best place to look for a list of all options is in
; the source code itself, until I have the time to write better documetation :)
; Specifically, the file "file.c" contains a list of commands at the end.
;
; You most definitely don't have to spell out everything as it is done here
;
;[global] ; Global parameters:
; port = 1701 ; * Bind to port 1701
;auth file = /etc/ppp/chap-secrets ; * Where our challenge secrets are
; rand source = dev                     ; Source for entropy for random
;                                       ; numbers, options are:
;                                       ; dev - reads of /dev/urandom
;                                       ; sys - uses rand()
;                                       ; egd - reads from egd socket
;                                       ; egd is not yet implemented
;
;
; [lns default] ; Our fallthrough LNS definition
; exclusive = no ; * Only permit one tunnel per host
; ip range = 192.168.0.1-192.168.0.20 ; * Allocate from this IP range
; no ip range = 192.168.0.3-192.168.0.9 ; * Except these hosts
; ip range = 192.168.0.5 ; * But this one is okay
; ip range = lac1-lac2 ; * And anything from lac1 to lac2's IP
; lac = 192.168.1.4 - 192.168.1.8 ; * These can connect as LAC's
; no lac = untrusted.marko.net ; * This guy can't connect
; hidden bit = no ; * Use hidden AVP's?
; local ip = 192.168.1.2 ; * Our local IP to use
; length bit = yes ; * Use length bit in payload?
; require chap = yes ; * Require CHAP auth. by peer
; refuse pap = yes ; * Refuse PAP authentication
; refuse chap = no ; * Refuse CHAP authentication
; refuse authentication = no ; * Refuse authentication altogether
; require authentication = yes ; * Require peer to authenticate
; unix authentication = no ; * Use /etc/passwd for auth.
; name = myhostname ; * Report this as our hostname
; ppp debug = no ; * Turn on PPP debugging
; pppoptfile = /etc/ppp/options.l2tpd.lns ; * ppp options file
; call rws = 10 ; * RWS for call (-1 is valid)
; tunnel rws = 4 ; * RWS for tunnel (must be > 0)
; flow bit = yes ; * Include sequence numbers
; challenge = yes ; * Challenge authenticate peer ;
;
; [lac marko] ; Example VPN LAC definition
; lns = lns.marko.net ; * Who is our LNS?
; lns = lns2.marko.net ; * A backup LNS (not yet used)
; redial = yes ; * Redial if disconnected?
; redial timeout = 15 ; * Wait n seconds between redials
; max redials = 5 ; * Give up after n consecutive failures
; hidden bit = yes ; * User hidden AVP's?
; local ip = 192.168.1.1 ; * Force peer to use this IP for us
; remote ip = 192.168.1.2 ; * Force peer to use this as their IP
; length bit = no ; * Use length bit in payload?
; require pap = no ; * Require PAP auth. by peer
; require chap = yes ; * Require CHAP auth. by peer
; refuse pap = yes ; * Refuse PAP authentication
; refuse chap = no ; * Refuse CHAP authentication
; refuse authentication = no ; * Refuse authentication altogether
; require authentication = yes ; * Require peer to authenticate
; name = marko ; * Report this as our hostname
; ppp debug = no ; * Turn on PPP debugging
; pppoptfile = /etc/ppp/options.l2tpd.marko ; * ppp options file for this lac
; call rws = 10 ; * RWS for call (-1 is valid)
; tunnel rws = 4 ; * RWS for tunnel (must be > 0)
; flow bit = yes ; * Include sequence numbers
; challenge = yes ; * Challenge authenticate peer
;
; [lac cisco] ; Another quick LAC
; lns = cisco.marko.net ; * Required, but can take from default
; require authentication = yes

[global]
access control =yes
[lac Freedom]
name = pw******
require chap = yes
require pap = no
lns = l2tp.freedom
redial = yes
redial timeout =5
require authentication = yes
ppp debug = no
pppoptfile = /etc/ppp/options.xl2tp
autodial = yes

options.xl2tp

Код: [Выделить]

unit 0
name pw******
remotename Freedom
ipparam Freedom
connect /bin/true
mru 1400
mtu 1400
nodeflate
nobsdcomp
noauth
persist
maxfail 0
nopcomp
noaccomp
defaultroute
replacedefaultroute
noproxyarp

/etc/ppp/chap-secrets
 

Код: [Выделить]

# Secrets for authentication using CHAP
# client server secret IP addresses
# вместо ...... ваш логин и ваш пароль.
pw.....        *       bА.....               


[sexy cowboy]

мне в службе поддержки указали на ошибку. я ее исправил и закрыл тему. 
тему удалять не стоит, т.к. почему-то вместо этого простого и понятного способа другие пользователи предпочитают громоздить скрипты.

а может стоить создать отдельный раздел с готовыми решениями для конкретных провайдеров?