Debian/Ubuntu Tips and Tricks

Debuntu

Debian/Ubuntu Tips and Tricks

How-To: Set up a L2TP over IPSec VPN using a Radius backend — page 2

Posted by chantra on June 18th, 2010

This entry is part 1 of 3 in the series How-To: Set up a L2TP over IPSec VPN using a Radius backend

XL2TP

Now, let's get on the next phase: XL2TP.

Packages Requirements

You can install xl2tp with the following command:

# apt-get install xl2tp

Configuration

The configuration of xl2tp happens in /etc/xl2tpd/xl2tpd.conf. We are going to provide IPs in the range 10.10.10.2-10.10.10.254, 10.10.10.1 being the endpoint IP of the VPN server.

So go ahead and open /etc/xl2tpd/xl2tpd.conf and make it look like:

[global]
ipsec saref = yes
listen-addr = your external IP address
port = 1701
[lns default]
ip range = 10.10.10.2-10.10.10.254
local ip = 10.10.10.1
refuse chap = yes
require pap = yes
require authentication = no
name = LinuxVPNserver
hostname = YourHostName
ppp debug = yes
length bit = yes
pppoptfile = /etc/xl2tpd/ppp-options.xl2tpd

Copy an example config from xl2tp doc:

sudo cp /usr/share/doc/xl2tpd/examples/ppp-options.xl2tpd /etc/xl2tpd/ppp-options.xl2tpd

Now go and edit etc/xl2tpd/ppp-options.xl2tpd and make it look like:

require-pap
crtscts
idle 1800
mtu 1200
mru 1200
nodefaultroute
debug
lock
proxyarp
connect-delay 5000

Same here, change it with whatever mstches your settings (DNS...)

Finally test your configuration with:

sudo xl2tpd -D

Series Navigation

One Response to “How-To: Set up a L2TP over IPSec VPN using a Radius backend — page 2”

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>