添加用户名和密码
echo "user l2tpd password *">>/etc/ppp/chap-secrets
/etc/ipsec.conf
dpddelay=30
dpdtimeout=120
改为
dpddelay=5
dpdtimeout=5
http://linux.die.net/man/5/ipsec.conf
dpddelay Set the delay (in seconds) between Dead Peer Dectection (RFC 3706) keepalives (R_U_THERE, R_U_THERE_ACK) that are sent for this connection。
dpdtimeout Set the length of time (in seconds) we will idle without hearing either an R_U_THERE poll from our peer, or an R_U_THERE_ACK reply.
dpdaction :When a DPD enabled peer is declared dead, what action should be taken. hold (default) means the eroute will be put into %hold status, while clear means the eroute and SA with both be cleared. restart means the the SA will immediately be renegotiated, and restart_by_peer means that ALL SA's to the dead peer will renegotiated.
dpdaction=clear is really only useful on the server of a Road Warrior config.