How to Set Up an L2TP VPN Connection in Linux

L2TP (which stands for Layer 2 Tunneling Protocol) is a tunneling protocol designed to support virtual private networks (VPN connections) over the internet. It is implemented in most if not all modern operating systems including Linux and VPN-capable devices.

L2TP does not provide any authentication or encryption mechanisms directly to traffic that passes through it, so it is usually implemented with the IPsec authentication suite (L2TP/IPsec) to provide encryption within the L2TP tunnel.

In this article, we will show how to set up an L2TP/IPSec VPN connection in Ubuntu and its derivatives and Fedora Linux.

This guide assumes that the L2TP/IPsec VPN server has been set up and that you have received the following VPN connection details from your organization’s or company’s system administrator.

Gateway IP address or hostname
Username and Password
Pre-shared Key (Secret)

To add an L2TP/IPsec option to the NetworkManager, you need to install the NetworkManager-l2tp VPN plugin which supports NetworkManager 1.8 and later. It provides support for L2TP and L2TP/IPsec.

To install the L2TP module on Ubuntu and Ubuntu-based Linux distributions, use the following PPA.

$ sudo add-apt-repository ppa:nm-l2tp/network-manager-l2tp
$ sudo apt-get update
$ sudo apt-get install network-manager-l2tp network-manager-l2tp-gnome

On RHEL/CentOS and Fedora Linux, use the following dnf commands to install the L2TP module.

# dnf install xl2tpd
# dnf install NetworkManager-l2tp
# dnf install NetworkManager-l2tp-gnome
OR
# yum install xl2tpd
# yum install NetworkManager-l2tp
# yum install NetworkManager-l2tp-gnome

Once the package installation is complete, click on your Network Manager icon, then go to Network Settings for standard configuration.

Linux no longer supports the 3DES cipher, but many appliances still use it. On any “Debian-like” system, the phase1 and phase2 algorithm entry fields are missing under IPSec Settings (this is a known bug); these fields are needed to set up an L2TP/IPSec connection that uses 3DES.

The additional configuration then consists of the following (steps 2 and 3):

  1. Reboot, then create a new L2TP/IPSec VPN connection – phase1 and phase2 algorithm entry fields should now be present.
  2. For the Phase1 Algorithm, enter: 3des-sha1-modp1024!
  3. For the Phase2 Algorithm, enter: 3des-sha1!
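
The Phase1 and Phase2 strings entered above are stored in the connection's keyfile (under /etc/NetworkManager/system-connections/) as the plugin's ipsec-ike and ipsec-esp keys. As an added example, not part of the original article, the following Python script audits a keyfile for legacy algorithms in those proposals so that 3DES connections can be tracked and retired once the appliance is upgraded. The LEGACY token list, the function names and the sample keyfile are assumptions of this example.

```python
import configparser

# Assumption of this example: tokens treated as legacy. 3DES has a 64-bit
# block and modp1024 is a 1024-bit DH group; adjust to your own policy.
LEGACY = {"des", "3des", "md5", "modp768", "modp1024"}
L2TP_SERVICE = "org.freedesktop.NetworkManager.l2tp"

def parse_proposals(value):
    """Split a phase1/phase2 string into (list of token lists, strict flag)."""
    value = value.strip()
    strict = value.endswith("!")  # trailing "!" = offer only what is listed
    body = value.rstrip("!")
    props = [p.strip().lower().split("-") for p in body.split(",") if p.strip()]
    return props, strict

def audit_keyfile(text):
    """Return one finding per weak proposal in a keyfile given as a string."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)
    if not cp.has_section("vpn"):
        return []
    vpn = cp["vpn"]
    if vpn.get("service-type") != L2TP_SERVICE:
        return []  # not an L2TP connection
    name = cp.get("connection", "id", fallback="<unnamed>")
    findings = []
    for key, phase in (("ipsec-ike", "phase1"), ("ipsec-esp", "phase2")):
        raw = vpn.get(key)
        if raw is None:
            continue  # field unset: the IPsec daemon's defaults apply
        proposals, strict = parse_proposals(raw)
        for tokens in proposals:
            weak = sorted(set(tokens) & LEGACY)
            if weak:
                findings.append({"connection": name, "phase": phase,
                                 "proposal": "-".join(tokens),
                                 "weak": weak, "strict": strict})
    return findings

# Constructed sample keyfile (192.0.2.10 is a documentation address).
SAMPLE = """[connection]
id=office-l2tp
type=vpn
[vpn]
service-type=org.freedesktop.NetworkManager.l2tp
gateway=192.0.2.10
ipsec-enabled=yes
ipsec-ike=3des-sha1-modp1024!
ipsec-esp=3des-sha1!
"""

if __name__ == "__main__":
    for finding in audit_keyfile(SAMPLE):
        print(finding)
```

To audit real connections, read each file in /etc/NetworkManager/system-connections/ as root and pass its contents to audit_keyfile().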
