Connecting to a L2TP/IPSec VPN from Ubuntu desktop
In my previous post, “Secure IPsec/L2TP VPN for on the road android devices” I have written on how to set up an IPsec/L2TP VPN server and connect to it from any android device. I was really impressed how simple it was to configure a secure VPN tunnel with IPSEC, so I decided to go a bit further and try to use the same tunnel with Ubuntu Desktop. Unfortunately the IPsec/L2TP client side isn’t well supported under Linux, this is maybe beacuse everyone is using OpenVpn. At the end I stumbled into Werner Jaeger launchpad page, where I found a GUI to manage IPsec/L2TP connection from Ubuntu Desktop, the connection set up is very straightforward and without glitches. Along with a simple PSK configuration, the GUI allow to use certificate for authentication and more advanced L2TP options as redial- timeout and attempts and of course all important PPP options.
A more extended guide can be found at http://wiki.l2tpipsecvpn.tuxfamily.org
l2tp-ipsec-vpn installation
apt-add-repository ppa:werner-jaeger/ppa-werner-vpn apt-get update apt-get install l2tp-ipsec-vpn reboot
1) Right click on the icon in the notification area,
and go to ‘Edit connections’.
2) Authenticate as root.
3) Choose a name for the VPN
4) IPsec configuration:
Remote server: The ip address of the VPN server
Use pre-shared key for authentication: use the passphrase
from the server /etc/ipsec.secrets
L2TP Configuration:
Select Length bit
PPP configuration:
Select only CHAP authentication and enter the User name and
the password from the server /etc/ppp/chap-secrets copy
Click on OK
Connecting to the VPN: Go to the icon in the notification area and
click on vpnhome, wait for a couple of seconds and you must be
connected to the VPN.
14/07/2011 at 6:02 pm Permalink
thanks for vpn tutorial bro, im waiting your next post about ubuntu or other linux
14/07/2011 at 6:50 pm Permalink
Il’l try to do my best.
Phillip
06/08/2011 at 3:07 am Permalink
Thank you for the post. I cannot connect your way. The official wiki suggests checking the last three PPP protocols. After that I can connect.
09/08/2011 at 7:15 am Permalink
Thanks god i found your blog and l2tp-ipsec-vpn. Your tutorial worked really well to setup my VPN connection. I still had to iterate a few times with the IP settings to make it work (eg. need to put the DNS servers in automatic)
you made my day!
g
29/09/2011 at 6:22 pm Permalink
Yes excellent tuto .
but,…
the application of this tutorial does not allow the operation of the vpn long term.
and if the internet crash, the vpn also planted but does not reconnect
Result: vpn connection interrupted the exposure causes the PC concerned.
this problem has been, is found in Debian and derivatives (Ubuntu and others).
For my part,
I note that the key concern in the debian en fr version while it does not seem worried.
A solution you one? If so I am very interested because my machines are remote and therefore a source vpn death is bad security.
Thank you for the follow-up to this post.
29/09/2011 at 6:24 pm Permalink
Correction with apologies: I did not read before sending:
debian concerned: Fr, De (utschland) and En.
It (alian) has no worries.
20/10/2011 at 12:28 pm Permalink
Hi,
Have followed all steps but I am getting following error on Ubuntu 11.10
——————————————-
ipsec_setup: Stopping Openswan IPsec…
Stopping xl2tpd: xl2tpd.
ipsec_setup: Starting Openswan IPsec 2.6.28…
ipsec_setup: No KLIPS support found while requested, desperately falling back to netkey
ipsec_setup: NETKEY support found. Use protostack=netkey in /etc/ipsec.conf to avoid attempts to use KLIPS. Attempting to continue with NETKEY
Starting xl2tpd: xl2tpd.
Last command timed out
000 initiating all conns with alias=’connName’
021 no connection named “connName”
[ERROR 300] ‘IPsec’ failed to negotiate or establish security associations
21/10/2011 at 4:15 pm Permalink
Hi,
I tried this on Ubuntu 11.04 and it seems after install and reboot, I couldnt find L2Tp in edit connections.
Any idea?
Thanks
10/12/2011 at 12:13 pm Permalink
[ERROR 99] L2tpIPsecVpnControlDaemon is either not started or connection to it failed
12/12/2011 at 12:29 pm Permalink
Nk: Same problem here with Ubuntu 11.10
13/12/2011 at 9:45 pm Permalink
Hello,
looks like it’s a problem related with the new 3.0 kernel and the IPSEC module.
18/01/2012 at 6:45 am Permalink
hello,
nice post but i have a problem. i am behind NAT (like many others) and on vpn server (WinServer2003) i limited to a static ip address (like: 192.168.255.12). but with this method, vpn connection tries to connect with the ip address of my local network (192.168.2.4)!!
so consequently, connection will fail!
how could i set a manual ip address to connect with?
03/04/2012 at 10:47 pm Permalink
Hi All,
Please could you let me which version of Ubuntu this works for? I have tried 11.10 Desktop x32 to no avail. Many thanks
Gary
04/04/2012 at 6:17 am Permalink
Hi Gary,
unfortunately the ipsec modules are not working on the 3.* kernel version. Let’s hope for some good news in the Ubuntu 12.04 release. This how to was written for Ubuntu 11.04.
Best,
Phillip