Documentation The official documentation contains a install guide, a tutorial and a reference.We're trying to keep the official documentation in sync with the code. Both are kept in same source repository and both are available online:Documentation for the latest release 4.1Documentation for the stable release 4.0Documentation for version 3.0 (unsupported)Documentation for version 2.1 (unsupported)Documentation for the current development version (git master)You also probably want to have a look at the wiki - especially the VCL Examples. Quick install guides various operating systems: Ubuntu Debian Red Hat Enterprise Linux and Centos FreeBSDThe Varnish BookA comprehensive user guide for System Administrators and Web Developers in book format provided by Varnish Software:Online Reference Guide for the current stable  release (4.0)Online Reference Guide for version ...

IPSEC L2TP VPN on Ubuntu 14.04 with OpenSwan, xl2tpd and pppThis is a guide on setting up an IPSEC/L2TP vpn server with Ubuntu 14.04 using Openswan as the IPsec server, xl2tpd as the l2tp provider and ppp or local users / PAM for authentication. It has a detailed explanation with every step. We choose the IPSEC/L2TP protocol stack because of recent vulnerabilities found in pptpd VPNs and because it is supported on all major operating systems by defaultWhy a VPN?More than ever, your freedom and privacy when online is under threat. Governments and ISPs want to control what you can and can't see while keeping a record of everything you do, and even the shady-looking guy lurking around your coffee shop or the airport gate can grab your bank details easier than you may think. A self hosted VPN lets you surf the web the way it was intended: anonymously and without oversight.A VPN (virtual private network) creates a secure, encrypted tunnel through which all of your online data passes back a...

IPSEC L2TP VPN on CentOS 6 / Red Hat Enterprise Linux 6 / Scientific Linux 6This is a guide on setting up a IPSEC/L2TP vpn on CentOS 6 or Red Hat Enterprise Linux 6 or Scientific Linux 6 using Openswan as the IPsec server, xl2tpd as the l2tp provider and ppp for authentication. We choose the IPSEC/L2TP protocol stack because of recent vulnerabilities found in pptpd VPN's.IPSec encrypts your IP packets to provide encryption and authentication, so no one can decrypt or forge data between your clients and your server. L2TP provides a tunnel to send data. It does not provide encryption and authentication though, that is why we need to use it together with IPSec.Why a VPN?More than ever, your freedom and privacy when online is under threat. Governments and ISPs want to control what you can and can't see while keeping a record of everything you do, and even the shady-looking guy lurking around your coffee shop or the airport gate can grab your bank details easier than you may think. A self ...

Using StrongSwan for IPSec VPN on CentOS 7StrongSwan is an open source IPsec-based VPN Solution. It supports both the IKEv1 and IKEv2 key exchange protocols in conjunction with the native NETKEY IPsec stack of the Linux kernel. This tutorial will show you how to use strongSwan to set up an IPSec VPN server on CentOS 7.Install strongSwanThe strongSwan packages are available in the Extra Packages for Enterprise Linux (EPEL) repository. We should enable EPEL first, then install strongSwan.yum install http://ftp.nluug.nl/pub/os/Linux/distr/fedora-epel/7/x86_64/e/epel-release-7-5.noarch.rpm yum install strongSwan openssl Generate certificatesBoth the VPN client and server need a certificate to identify and authenticate themselves. I have prepared two shell scripts to generate and sign the certificates. First, we download these two scripts into the folder /etc/strongswan/ipsec.d.cd /etc/strongswan/ipsec.d wget https://raw.githubusercontent.com/michael-loo/strongswan_config/for_vultr/serv...

CentOS7下Strongswan架设IPSec-IKEv1, IKEv2, L2TP VPN,适用于 IOS9,OSX, Windows, LinuxVPN 隧道协议PPTP、L2TP、IPSec和SSLVPN（SSTP，OpenVPN）中安全性逐级提高，相应的受到墙的干扰相对要弱点，但是现在我们考虑到跨平台，PPTP穿透力及安全性可以忽略，所以这里搭建支持 ikev1/ikev2 的 Ipsec VPN，适用于iOS、Android、Windows 7+ 、MacOS X,及Linux。为了兼容Windows 7以下的系统，同时搭建L2TP/IPSec支持。支持IOS9 IKEV2 的配置，直接到最后查看2015.12更新安装 StrongSwan由于Openswan已经没人维护了，所以我们选择更强大的Strongswan.它是一个完整的2.4和2.6的Linux内核下的IPsec和IKEv1 的实现。它也完全支持新的IKEv2协议的Linux 2.6内核。StrongSwan 的发行版已包含在 EPEL 源中, 但是CentOS源的包比较旧，所以我们手动在官网https://www.strongswan.org/download.html下载安装包，当然你也可以直接源码编译。wget http://dl.fedoraproject.org/pub/epel/7/x86_64/s/strongswan-5.3.2-1.el7.x86_64.rpm rpm -ihv strongswan-5.3.2-1.el7.x86_64.rpm编译：wget http://download.strongswan.org/strongswan.tar.gz tar xzf strongswan.tar.gz cd strongswan-*...

在 CentOS 7 上部署 L2TP/IPSec VPN 服务 首先安装strongswan和xl2tpd： Shell yum install strongswan xl2tpd 记得开启IP转发，修改 /etc/sysctl.conf，将net.ipv4.ip_forward的值改为1，然后执行 sysctl - p 使之生效。 接下来修改 /etc/strongswan/ipsec.conf文件，如下： config setup conn %default ikelifetime=60m keylife=20m rekeymargin=3m keyingtries=1 conn l2tp keyexchange=ikev1 # IKE版本 left=<对外IP> leftsubnet=0.0.0.0/0 leftprotoport=17/1701 authby=secret leftfirewall=no right=%any rightprotoport=17/%any type=transport auto=add 修改 /etc/strongswan/ipsec.secrets文件（没有此文件就新建一个）： # ipsec.secrets - strongSwan IPsec secrets file : PSK " " IPsec的部分就完成了，接下来是L2TP。 /etc/xl2tpd/xl2tpd.conf文件的 [lns default] 部分如下： [lns default] ip range = 10....

This is a guide on setting up an IPSEC VPN server on CentOS 7 using StrongSwan as the IPsec server and for authentication. It has a detailed explanation with every step. We choose the IPSEC protocol stack because of recent vulnerabilities found in pptpd VPNs and because it is supported on all recent operating systems by default. Why a VPN?More than ever, your freedom and privacy when online is under threat. Governments and ISPs want to control what you can and can't see while keeping a record of everything you do, and even the shady-looking guy lurking around your coffee shop or the airport gate can grab your bank details easier than you may think. A self hosted VPN lets you surf the web the way it was intended: anonymously and without oversight.A VPN (virtual private network) creates a secure, encrypted tunnel through which all of your online data passes back and forth. Any application that requires an internet connection works with this self hosted VPN, including your web browser, e...

Configuring Remote Administration The VisualSVN Server Manager console uses Windows Management Instrumentation (WMI) for remote administration. Connecting to WMI on a remote computer requires that Windows Firewall and security settings be configured properly on the server. The following configuration steps apply to domain and non-domain environments. Non-domain environments may require additional steps. The following main steps enable VisualSVN Server Remote Administration: Configure the Windows Firewall rules to allow network connections to WMI,Grant appropriate user access permissions. Windows Firewall Connecting to WMI remotely requires that you first configure the Windows Firewall on the server to allow this. Incorrect Windows Firewall settings are usually identified by receiving the "RPC Server Unavailable" error message when trying to remotely ...

您所在的组无权查看该日志

haproxy 代理 ssl 有两种方式 1、haproxy 本身提供ssl 证书，后面的web 服务器走正常的http 2、haproxy 本身只提供代理，后面的web服务器https 第一种方式 需要编译haproxy 支持ssl， 编译参数：      make TARGET=linux26 USE_OPENSSL=1 ADDLIB=-lz ldd haproxy | grep ssl libssl.so.10 => /usr/lib64/libssl.so.10 (0x00007fb0485e5000) 配置参数： frontend https_frontend bind *:443 ssl crt /etc/ssl/certs/servername.pem mode http option httpclose option forwardfor reqadd X-Forwarded-Proto:\ https default_backend web_server backend web_server mode http balance roundrobin cookie SERVERID insert indirect nocache server s1 192.168.250.47:80 check cookie s1 server s2 192.168.250.49:80 check cookie s2 注意：这里的pem 文件是下面两个文件合并而成： cat servername.crt servername.key |tee servername.pem 第二种方式配置 不需要重新编译支持ssl，简单方便。需要后面的web服务器配置好ssl 即可。 frontend https_frontend bind *:443 mode ...