version 2

config setup
 nat_traversal=no
 plutostart=yes
 charonstart=yes

conn L2TP-VPN
 type=transport
 keyexchange=ikev1
 keyingtries=3
 pfs=no
 rekey=no
 authby=secret
 left=192.168.56.1
 leftprotoport=17/1701
 right=%any
 rightprotoport=17/%any
 rightsubnetwithin=0.0.0.0/0
 auto=add

include /var/lib/strongswan/ipsec.conf.inc

# This file holds shared secrets or RSA private keys for inter-Pluto
# authentication.  See ipsec_pluto(8) manpage, and HTML documentation.

# RSA private key for this host, authenticating it to any other host
# which knows the public part.  Suitable public keys, for ipsec.conf, DNS,
# or configuration of other implementations, can be extracted conveniently
# with "ipsec showhostkey".

# this file is managed with debconf and will contain the automatically created private key
include /var/lib/strongswan/ipsec.secrets.inc

192.168.56.1	%any :	"123456789"

[global]
 port = 1701
 listen-addr = 192.168.56.1
 ipsec saref = no

[lns default]
 ip range = 172.16.45.2-255
 local ip = 172.16.45.1
 require authentication = no
 refuse pap = no
 require chap = no
 pppoptfile = /etc/ppp/options.xl2tpd
 ppp debug = yes
 name = test
 length bit = yes

require-mschap-v2
asyncmap 0
 auth
 crtscts
 idle 1800
 lock
 hide-password
 modem
 debug
 name test
 proxyarp
 lcp-echo-interval 30
 lcp-echo-failure 4
 mtu 1410
 mru 1410
 connect-delay 500

# Secrets for authentication using CHAP
# client	server	secret			IP addresses
1 * 1 *

"10s90122456"	*	"723362"
"7f126310"	*	"383829"
"10s90122452"	*	"035420"
"7f126321"	*	"483485"
"10s90122451"	*	"291941"

iptables -A INPUT -i vboxnet0 -p esp -j ACCEPT
iptables -A INPUT -i vboxnet0 -p udp --dport 500 -j ACCEPT
iptables -A INPUT -i vboxnet0 -p tcp --dport 500 -j ACCEPT
iptables -A INPUT -i vboxnet0 -p udp --dport 4500 -j ACCEPT
iptables -A INPUT -i vboxnet0 -p udp --dport 1701 -j ACCEPT
iptables -A INPUT -i vboxnet0 -p tcp --dport 1723 -j ACCEPT