Connecting to a L2TP/IPSec VPN from Ubuntu desktop

In my previous post, “Secure IPsec/L2TP VPN for on the road android devices”, I wrote about how to set up an IPsec/L2TP VPN server and connect to it from any Android device. I was really impressed by how simple it was to configure a secure VPN tunnel with IPsec, so I decided to go a bit further and try to use the same tunnel with Ubuntu Desktop. Unfortunately the IPsec/L2TP client side isn’t well supported under Linux, maybe because everyone is using OpenVPN. In the end I stumbled onto Werner Jaeger's Launchpad page, where I found a GUI to manage IPsec/L2TP connections from Ubuntu Desktop; the connection setup is very straightforward and without glitches. Along with a simple PSK configuration, the GUI allows the use of certificates for authentication and more advanced L2TP options such as redial timeout and attempts, and of course all the important PPP options.

A more extended guide can be found at http://wiki.l2tpipsecvpn.tuxfamily.org

l2tp-ipsec-vpn installation

apt-add-repository ppa:werner-jaeger/ppa-werner-vpn
apt-get update
apt-get install l2tp-ipsec-vpn
reboot

1) Right click on the icon in the notification area,
and go to ‘Edit connections’.

2) Authenticate as root.

3) Choose a name for the VPN

4) IPsec configuration:

Remote server: the IP address of the VPN server
Use pre-shared key for authentication: use the passphrase
from the server's /etc/ipsec.secrets

L2TP Configuration:

Select Length bit

PPP configuration:

Select only CHAP authentication and enter the user name and
the password copied from the server's /etc/ppp/chap-secrets

Click on OK

Connecting to the VPN: Go to the icon in the notification area and
click on vpnhome, wait a couple of seconds and you should be
connected to the VPN.
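The PSK and the CHAP credentials entered in step 4 are stored in clear text on the server, so the two files should be readable by root only. The script below is an added example, not part of the original post or of l2tp-ipsec-vpn: it looks up the values the dialog asks for and checks the file permissions. The function names (psk_for, chap_for, private_mode) and all sample values are constructed for illustration; it assumes one PSK entry in the main secrets file and secrets without embedded whitespace.

```sh
#!/bin/sh
# Added example: look up the values the client dialog asks for in copies of the
# server's /etc/ipsec.secrets and /etc/ppp/chap-secrets. Sample data is constructed.

# Print the first pre-shared key. Entry format: [ids ...] : PSK "secret"
psk_for() {
    sed -n 's/^[^#]*:[[:space:]]*PSK[[:space:]]*"\(.*\)"[[:space:]]*$/\1/p' "$1" | head -n 1
}

# Print the CHAP secret for user $2. Line format: client server secret [IPs]
# Assumes secrets contain no whitespace; surrounding double quotes are stripped.
chap_for() {
    awk -v user="$2" '
        /^[ \t]*(#|$)/ { next }                # skip comments and blank lines
        { c = $1; s = $3
          gsub(/^"|"$/, "", c); gsub(/^"|"$/, "", s)
          if (c == user) { print s; exit } }' "$1"
}

# Succeed only if group and others have no permission bits on the file.
private_mode() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# --- constructed sample files (placeholders, not real credentials) ---
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
cat > "$demo/ipsec.secrets" <<'EOF'
# constructed sample
203.0.113.10 %any : PSK "constructed-psk-value"
EOF
cat > "$demo/chap-secrets" <<'EOF'
# client   server   secret              IP addresses
alice      l2tpd    "constructed-pw"    *
bob        *        other-pw            10.1.2.3
EOF
chmod 600 "$demo/ipsec.secrets"
chmod 644 "$demo/chap-secrets"     # deliberately too open, to show the check

echo "PSK:        $(psk_for "$demo/ipsec.secrets")"
echo "CHAP alice: $(chap_for "$demo/chap-secrets" alice)"
for f in "$demo/ipsec.secrets" "$demo/chap-secrets"; do
    private_mode "$f" || echo "WARNING: $f is accessible to group/others (want mode 600)"
done
```

On a real server, point the functions at the actual files as root and fix any warning with chmod 600 before handing the values to a client.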

19 thoughts on “Connecting to a L2TP/IPSec VPN from Ubuntu desktop”

  1. guille

    Thank god I found your blog and l2tp-ipsec-vpn. Your tutorial worked really well to set up my VPN connection. I still had to iterate a few times with the IP settings to make it work (e.g. need to put the DNS servers in automatic)

    you made my day!

    g

  2. chev

    Yes excellent tuto .

    but,…

    the application of this tutorial does not allow the operation of the vpn long term.
    and if the internet crash, the vpn also planted but does not reconnect

    Result: vpn connection interrupted the exposure causes the PC concerned.

    this problem has been, is found in Debian and derivatives (Ubuntu and others).

    For my part,
    I note that the key concern in the debian en fr version while it does not seem worried.

    A solution you one? If so I am very interested because my machines are remote and therefore a source vpn death is bad security.

    Thank you for the follow-up to this post.

  3. chev

    Correction with apologies: I did not read before sending:

    debian concerned: Fr, De (utschland) and En.
    It (alian) has no worries.

  4. Prakash

    Hi,

    Have followed all steps but I am getting following error on Ubuntu 11.10

    ——————————————-
    ipsec_setup: Stopping Openswan IPsec…
    Stopping xl2tpd: xl2tpd.
    ipsec_setup: Starting Openswan IPsec 2.6.28…
    ipsec_setup: No KLIPS support found while requested, desperately falling back to netkey
    ipsec_setup: NETKEY support found. Use protostack=netkey in /etc/ipsec.conf to avoid attempts to use KLIPS. Attempting to continue with NETKEY
    Starting xl2tpd: xl2tpd.
    Last command timed out
    000 initiating all conns with alias=’connName’
    021 no connection named “connName”
    [ERROR 300] ‘IPsec’ failed to negotiate or establish security associations

  5. Nk

    Hi,

    I tried this on Ubuntu 11.04 and it seems after install and reboot, I couldn't find L2TP in edit connections.
    Any idea?
    Thanks

  6. bijan

    Hello,
    nice post but I have a problem. I am behind NAT (like many others) and on the VPN server (WinServer2003) I am limited to a static IP address (like: 192.168.255.12). But with this method, the VPN connection tries to connect with the IP address of my local network (192.168.2.4)!!

    So consequently, the connection will fail!
    How could I set a manual IP address to connect with?

  7. Gary

    Hi All,

    Please could you let me know which version of Ubuntu this works for? I have tried 11.10 Desktop x32 to no avail. Many thanks

    Gary

  8. pbailey Post author

    Hi Gary,

    unfortunately the ipsec modules are not working on the 3.* kernel version. Let’s hope for some good news in the Ubuntu 12.04 release. This how-to was written for Ubuntu 11.04.

    Best,

    Phillip

  9. Arian

    Hi

    I don’t have a pre-shared key and my company doesn’t know what it is and doesn’t have one.
    How can I find this?

  10. Jonner

    Philip,
    ‘Worked a treat. Had tried this before but as you had hoped, this seems to have been fixed on 12.04 that I am currently using. Can’t seem to get DNS at the minute but can RDP over IP which is all I require. Ubuntu x64 Desktop to Sonicwall TZ200 L2TP server.

    Cheers

  11. Archil

    I am getting the following error.
    What can it be?

    buntu-1204-precise-64-minimal ~ # nmcli con up id vpn1

    (process:6418): GLib-WARNING **: (/build/buildd/glib2.0-2.32.3/./glib/gerror.c:390):g_error_new_valist: runtime check failed: (domain != 0)
    Error: No suitable device found: no active connection or device.
    root@Ubuntu-1204-precise-64-minimal ~ #

    more details about my configuration

    ~ # lsb_release -a
    No LSB modules are available.
    Distributor ID: Ubuntu
    Description: Ubuntu 12.04.1 LTS
    Release: 12.04
    Codename: precise
    uname -a
    Linux Ubuntu-1204-precise-64-minimal 3.2.0-32-generic #51-Ubuntu SMP Wed Sep 26 21:33:09 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux

  12. Jonathan Mergy

    Bummer. Trying to get it going on Ubuntu 12.10. No dice

    Starting xl2tpd: invoke-rc.d: initscript xl2tpd, action “start” failed.
    dpkg: error processing xl2tpd (--configure):
    subprocess installed post-installation script returned error exit status 1
    dpkg: dependency problems prevent configuration of l2tp-ipsec-vpn-daemon:
    l2tp-ipsec-vpn-daemon depends on xl2tpd (>= 1.2.5); however:
    Package xl2tpd is not configured yet.

    dpkg: error processing l2tp-ipsec-vpn-daemon (--configure):
    dependency problems - leaving unconfigured
    dpkg: dependency problems prevent configuration of l2tp-ipsec-vpn:
    l2tp-ipsec-vpn depends on l2tp-ipsec-vpn-daemon (>= 0.9.8); however:
    Package l2tp-ipsec-vpn-daemon is not configured yet.

    dpkg: error processing l2tp-ipsec-vpn (--configure):
    dependency problems - leaving unconfigured
    Setting up libcli1.9:amd64 (1.9.6-1) …
    Setting up l2tpns (2.1.21-1.1ubuntu1) …
    Starting l2tpns: l2tpns.
    Processing triggers for libc-bin …
    ldconfig deferred processing now taking place
    Processing triggers for ureadahead …
    Errors were encountered while processing:
    xl2tpd
    l2tp-ipsec-vpn-daemon
    l2tp-ipsec-vpn
    E: Sub-process /usr/bin/dpkg returned an error code (1)
