IPSEC L2TP VPN on CentOS 6 / Red Hat Enterprise Linux 6 / Scientific Linux 6This is a guide on setting up a IPSEC/L2TP vpn on CentOS 6 or Red Hat Enterprise Linux 6 or Scientific Linux 6 using Openswan as the IPsec server, xl2tpd as the l2tp provider and ppp for authentication. We choose the IPSEC/L2TP protocol stack because of recent vulnerabilities found in pptpd VPN's.IPSec encrypts your IP packets to provide encryption and authentication, so no one can decrypt or forge data between your clients and your server. L2TP provides a tunnel to send data. It does not provide encryption and authentication though, that is why we need to use it together with IPSec.Why a VPN?More than ever, your freedom and privacy when online is under threat. Governments and ISPs want to control what you can and can't see while keeping a record of everything you do, and even the shady-looking guy lurking around your coffee shop or the airport gate can grab your bank details easier than you may think. A self ...

Using StrongSwan for IPSec VPN on CentOS 7StrongSwan is an open source IPsec-based VPN Solution. It supports both the IKEv1 and IKEv2 key exchange protocols in conjunction with the native NETKEY IPsec stack of the Linux kernel. This tutorial will show you how to use strongSwan to set up an IPSec VPN server on CentOS 7.Install strongSwanThe strongSwan packages are available in the Extra Packages for Enterprise Linux (EPEL) repository. We should enable EPEL first, then install strongSwan.yum install http://ftp.nluug.nl/pub/os/Linux/distr/fedora-epel/7/x86_64/e/epel-release-7-5.noarch.rpm yum install strongSwan openssl Generate certificatesBoth the VPN client and server need a certificate to identify and authenticate themselves. I have prepared two shell scripts to generate and sign the certificates. First, we download these two scripts into the folder /etc/strongswan/ipsec.d.cd /etc/strongswan/ipsec.d wget https://raw.githubusercontent.com/michael-loo/strongswan_config/for_vultr/serv...

CentOS7下Strongswan架设IPSec-IKEv1, IKEv2, L2TP VPN,适用于 IOS9,OSX, Windows, LinuxVPN 隧道协议PPTP、L2TP、IPSec和SSLVPN（SSTP，OpenVPN）中安全性逐级提高，相应的受到墙的干扰相对要弱点，但是现在我们考虑到跨平台，PPTP穿透力及安全性可以忽略，所以这里搭建支持 ikev1/ikev2 的 Ipsec VPN，适用于iOS、Android、Windows 7+ 、MacOS X,及Linux。为了兼容Windows 7以下的系统，同时搭建L2TP/IPSec支持。支持IOS9 IKEV2 的配置，直接到最后查看2015.12更新安装 StrongSwan由于Openswan已经没人维护了，所以我们选择更强大的Strongswan.它是一个完整的2.4和2.6的Linux内核下的IPsec和IKEv1 的实现。它也完全支持新的IKEv2协议的Linux 2.6内核。StrongSwan 的发行版已包含在 EPEL 源中, 但是CentOS源的包比较旧，所以我们手动在官网https://www.strongswan.org/download.html下载安装包，当然你也可以直接源码编译。wget http://dl.fedoraproject.org/pub/epel/7/x86_64/s/strongswan-5.3.2-1.el7.x86_64.rpm rpm -ihv strongswan-5.3.2-1.el7.x86_64.rpm编译：wget http://download.strongswan.org/strongswan.tar.gz tar xzf strongswan.tar.gz cd strongswan-*...

在 CentOS 7 上部署 L2TP/IPSec VPN 服务 首先安装strongswan和xl2tpd： Shell yum install strongswan xl2tpd 记得开启IP转发，修改 /etc/sysctl.conf，将net.ipv4.ip_forward的值改为1，然后执行 sysctl - p 使之生效。 接下来修改 /etc/strongswan/ipsec.conf文件，如下： config setup conn %default ikelifetime=60m keylife=20m rekeymargin=3m keyingtries=1 conn l2tp keyexchange=ikev1 # IKE版本 left=<对外IP> leftsubnet=0.0.0.0/0 leftprotoport=17/1701 authby=secret leftfirewall=no right=%any rightprotoport=17/%any type=transport auto=add 修改 /etc/strongswan/ipsec.secrets文件（没有此文件就新建一个）： # ipsec.secrets - strongSwan IPsec secrets file : PSK " " IPsec的部分就完成了，接下来是L2TP。 /etc/xl2tpd/xl2tpd.conf文件的 [lns default] 部分如下： [lns default] ip range = 10....

�����ڵ�����Ȩ�鿴����־

This is a guide on setting up an IPSEC VPN server on CentOS 7 using StrongSwan as the IPsec server and for authentication. It has a detailed explanation with every step. We choose the IPSEC protocol stack because of recent vulnerabilities found in pptpd VPNs and because it is supported on all recent operating systems by default. Why a VPN?More than ever, your freedom and privacy when online is under threat. Governments and ISPs want to control what you can and can't see while keeping a record of everything you do, and even the shady-looking guy lurking around your coffee shop or the airport gate can grab your bank details easier than you may think. A self hosted VPN lets you surf the web the way it was intended: anonymously and without oversight.A VPN (virtual private network) creates a secure, encrypted tunnel through which all of your online data passes back and forth. Any application that requires an internet connection works with this self hosted VPN, including your web browser, e...

Intel AHCI 驱动安装方法及常见问题汇总（20131219）   相关文章 　　·　Win XP系统下开启AHCI硬盘工作模式的方法 　　·　Windows系列系统如何安装硬盘驱动（AHCI） 　　·　Intel 6系芯片组Windows XP AHCI驱动加载方法 　　·　Win XP系统下加载Q77芯片组的AHCI驱动安装指导 　　·　Intel RAID/AHCI 驱动程序 　　·　Intel Q67 RAID/AHCI 驱动程序 知识点分析: 希望安装XP系统并开启硬盘的AHCI模式，在F6安装AHCI驱动后出现蓝屏7B的报错。可以看到下图中可选的选项有很多，蓝屏原因是没有选择正确的AHCI驱动导致。上图可以通过键盘上的“↓”键盘还可以选择更多的选项。操作步骤: 为了方便大家安装，将芯片组及对应驱动的选择进行了汇总，如下：1. Intel 3 Series Chipset，如：Q35选择：Intel(R) ICH9R/DO/DH SATA AHCI Controller2. Intel 4 Series Chipset，如：Q45选择：Intel(R) ICH10D/DO SATA AHCI Controller3. Intel 5 Series Chipset，如：Q57、H55、H57选择...

在安装WIN2003 SERVER时,在启动过程中按F6后,再按S加载RAID卡驱动后,在复制完文件重新启动后无法继续安装 故障描述:配置RAID/SCSI卡的机型，在安装WIN2003 SERVER时，在启动过程中按F6后，再按S加载RAID卡驱动后，按Enter继续安装仍提示找不到硬盘。解决方案:因为win2003server与WIN2000不同，在安装系统时，在按F6后(是英文界面)，需按两次"S"加载RAID卡之类设备的驱动程序：第一次按S键是加载Specify Additional Device软盘驱动;在加载完软盘驱动后，系统提示“The driver you provided seems to be newer than the Windows default driver.”，再下面提示：按“S”继续。 到屏幕上出现“Setup will load support for the following mass storage device(s)...”时，按回车键可以继续安装。而在在默认情况下可能习惯于WIN2000的安装方式，直接按回车加载驱动，按“Enter”是加载WINDOWS系统自带的驱动程序，所以会出现上述情况。

�����ڵ�����Ȩ�鿴����־

Virtual Development BoardIf you want to have an Embedded Linux Development Board, and you don't want to pay for it, then you can DIY a Virtual Development Board.The Virtual Development Board is an emulation board which made from QEMU, actually it's a Virtual Machine. Contents1 Debug Mode1.1 QEMU1.1.1 Download QEMU1.1.2 Install QEMU1.2 Bootloader1.2.1 Prepare Cross Toolchain1.2.2 Download U-Boot1.2.3 Cross compile U-Boot1.2.4 Debug U-Boot1.3 Linux Kernel1.3.1 Download Linux Kernel1.3.2 Cross Compile Linux Kernel1.3.3 Load Linux Kernel1.3.3.1 Download and Install Open TFTP Server1.3.3.2 prepare qemu-ifup & qemu-ifdown1.3.3.3 tftpboot uImage1.3.4 run linux kernel1.3.4.1 prepare the rootfs1.3.4.2 prepare the nfs1.3.4.3 run linux kernel1.4 driver1.4.1 add a device to QEMU1.4.2 write the device driver1.5 GUI2 Run Mode2.1 QEMU2.1.1 Support FLASH on QEMU2.1.2 Fix Compilation Errors2.2 U-Boot2.2.1 burn U-Boot into flash3 References4 External linksDebug ModeQEMUDownload QEMUThere are two wa...