無管理系統

1. git clone https://github.com/Nyr/openvpn-install.git

	cd /openvpn-install

2. chmod +x openvpn-install.sh

3.sudo ./openvpn-install.sh

 3-1 ask client name
 3-2 ask ip address( x96.ddns.net)
 3-3...................
 Client name: hckao

4. create an other user 
	./openvpn-install.sh


set ip table

sudo iptables -t nat -A POSTROUTING -s 10.8.0.1/24 -o ppp0 -j MASQUERADE

and

edit /etc/rc.local

#add this line

sudo iptables -t nat -A POSTROUTING -s 10.8.0.1/24 -o ppp0 -j MASQUERADE



########################################################



1. sudo sh vpnsetup.sh

2. Enable ipsec service to start on boot

sudo systemctl enable ipsec



3. Manage VPN Users

The IPsec PSK (pre-shared key) is stored in./etc/ipsec.secrets 


For IPsec/L2TP, VPN users are specified in /etc/ppp/chap-secrets. 
The format of this file is:

"your_vpn_username_1" l2tpd "your_vpn_password_1" *
"your_vpn_username_2" l2tpd "your_vpn_password_2" *




or IPsec/XAuth ("Cisco IPsec"), 
VPN users are specified in /etc/ipsec.d/passwd. 
The format of this file is:

your_vpn_username_1:your_vpn_password_1_hashed:xauth-psk
your_vpn_username_2:your_vpn_password_2_hashed:xauth-psk


Passwords in this file are salted and hashed. This step can be done using e.g. the openssl utility:

# The output will be your_vpn_password_1_hashed
openssl passwd -1 'your_vpn_password_1'





Finally, restart services if you changed to a new PSK. 
For add, edit or remove VPN users, 
a restart is normally not required.

sudo service ipsec restart || 
sudo systemctl restart ipsec

sudo service xl2tpd restart || 
sudo systemctl restart xl2tpd


--------------------------------------

完成囉，如果登入或連線有問題，可以檢查以下 Log File：

sudo tail -f /var/log/auth.log