Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Set up a IPSEC/L2TP VPN on Ubuntu 13.10 and 13.04 with OpenSwan, xl2tpd and ppp
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Set up a IPSEC/L2TP VPN on Ubuntu 13.10 and 13.04 with OpenSwan, xl2tpd and ppp

This is a guide on setting up an IPSEC/L2TP vpn server with Ubuntu 13.10 or 13.04 using Openswan as the IPsec server, xl2tpd as the l2tp provider and ppp or local users / PAM for authentication. It has a detailed explanation with every step. We choose the IPSEC/L2TP protocol stack because of recent vulnerabilities found in pptpd VPNs.

This tutorial is available for the following platforms:

This tutorial is tested on a VPS from InceptionHosting.com. They provide excellent VPS servers! If you buy a VPS via this link, you help support me!

IPSec encrypts your IP packets to provide encryption and authentication, so no one can decrypt or forge data between your clients and your server. L2TP provides a tunnel to send data. It does not provide encryption and authentication though, that is why we need to use it together with IPSec.

To work trough this tutorial you should have:

  • 1 ubuntu 13.10 or 13.04 server with at least 1 public IP address and root access
  • 1 (or more) clients running an OS that support IPsec/L2tp vpns (Ubuntu, Mac OS, Windows, Android).
  • Ports 1701 TCP, 4500 UDP and 500 UDP opened in the firewall.

If you are not running Ubuntu 13.10 you might have to compile the packages manually because openswan and xl2tpd in the older repositories seem to have critical bugs which make this all fail.

I do all the steps as the root user. You should do to, but only via * -i* or * su -*. Do not allow root to login via SSH!

Read on for Ubuntu 13.10
Read on for Ubuntu 13.04

Sign In or Register to comment.