Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Need a tutorial of l2tp ipsec with radius
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Need a tutorial of l2tp ipsec with radius

AICAIC Member

Hi,

I need to install the l2tp over ipsec with ikev1 and ikev2 support. Is there any tutorial available to install and configure the above protocol on centos with radius authentication.

I will be thankful.

Comments

  • maybe softether?

  • AICAIC Member

    @maoyipeng said:
    maybe softether?

    Any link to the tutorial.

  • As far as I know, SoftEther still does not support IKEv2.

    @AIC, do you really need L2TP? If you want to configure plain IPsec IKE/IKEv2, use my tutorial http://lowendtalk.com/discussion/44964/vpn-everywhere-ipsec-without-l2tp-with-strongswan-even-in-openvz

  • AICAIC Member
    edited July 2015

    @ValdikSS said:
    As far as I know, SoftEther still does not support IKEv2.

    AIC, do you really need L2TP? If you want to configure plain IPsec IKE/IKEv2, use my tutorial http://lowendtalk.com/discussion/44964/vpn-everywhere-ipsec-without-l2tp-with-strongswan-even-in-openvz

    Well i have setup the IKv2 with strongswan, but i need a configuration for the remote radius authentication.

    Do you have any tutorial for this.

    Thanks in advance.

  • AIC said: Well i have setup the IKv2 with strongswan, but i need a configuration for the remote radius authentication.

    I don't have a tutorial, but I personally use poor-man radius authentication with just radius accounting. Real authentication is possible only with EAP where strongSwan passes EAP-TLS to radius server. I contrive to make sort of authentication with just radius accounting. The thing is that we don't send "accounting ok" conformation for "accounting start" packet if there is something wrong with the client and strongSwan has an option to close IKE connection if accounting failed. You can perform authentication based on some fields in the certificate (I use logins in CN). Are you interested in more details about this?

  • AICAIC Member

    @ValdikSS said:
    I don't have a tutorial, but I personally use poor-man radius authentication with just radius accounting.Are you interested in more details about this?

    Yes i do, I am already using the freeradius for the openvpn and pptp, and also used the l2tp over ipsec. But the ios updates not supporting the l2tp over ipsec and i have to change my configuration for the ios client to use the ipsec with ikev1 and ikev2. That's need to be authenticating users through radius.

    That is my network design.

    Thanks for your time.

  • Ive done this with debian. Piece of cake. Centos? No idea sorry.

  • AICAIC Member

    @cosmicgate said:
    Ive done this with debian. Piece of cake. Centos? No idea sorry.

    any tutorial for debian you have written. link please

Sign In or Register to comment.