Visit the LQ Articles and Editorials section
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 04-20-2013, 01:38 AM   #1
LQ Newbie
Registered: Apr 2012
Posts: 8

Rep: Reputation: Disabled
Setup a L2TP VPN server

Hello,i've been banging my heads against this issue for several days and i cannot get my L2TP VPN server working on a CENTOS VPS. i tried various tutorials but the problem remains the same. i can establish a l2tp connection (without ipsec encryption) with the VPN server from my Android phone and win8 desktop. but if i try to access the internet via the vpn server, the connection is terminated. also, i can not establish a l2tp connection using ipsec shared secrets.tcpdump -i eth0 -p 500 output the followings details:
, length 272)
xxxxxxxxxxxxxxxxxx.isakmp > [bad udp cksum 81fc!] isakmp 1.0 msgid 00000000 cookie 9f3842f5d727b94d->bf362731f6c9c0e0: phase 1 R ident:
(ke: key len=128 fdedaa8324c784ac37c36fb80d57c2851fdb7ae6fa719bd13d2e00816fea087707c0d894ccc73a7bd386cd52d6a5fc2041b0 158214d17bd8f759c47e2a0a1d1440f3992edb83dbd72b00edfaadff139b895e39f1641e29af5625cf0d9f62245a084f358b b4c97dfdeb2e7035ebbc5ab85816293359a6ecf6d02a8cc342631d3b)
(nonce: n len=32 f80e361e86be4089c138362404d321ec46167e90d9acf796e379ae9837bf7568)

i use the combination of strongswan and is my config

config setup

conn %default

conn joyvpn


; This is a minimal sample xl2tpd configuration file for use
; with L2TP over IPsec.
; The idea is to provide an L2TP daemon to which remote Windows L2TP/IPsec
; clients connect. In this example, the internal (protected) network
; is A special IP range within this network is reserved
; for the remote clients:
; (i.e. ...
; The listen-addr parameter can be used if you want to bind the L2TP daemon
; to a specific IP address instead of to all interfaces. For instance,
; you could bind it to the interface of the internal LAN (e.g.
; in the example below). Yet another IP address (local ip, e.g.
; will be used by xl2tpd as its address on pppX interfaces.

; IMPORTANT: always set listen-addr to a specific address, to work around a
; udpfromto bug!!!

listen-addr = x.x.x.x
; requires openswan-2.5.18 or higher - Also does not yet work in combination
; with kernel mode l2tp as present in linux 2.6.23+
; ipsec saref = yes
; Use refinfo of 22 if using an SAref kernel patch based on openswan 2.6.35 or
; when using any of the SAref kernel patches for kernels up to 2.6.35.
; ipsec refinfo = 30
force userspace = yes
debug tunnel = yes

[lns default]
ip range =
local ip =
; leave chap unspecified for maximum compatibility with windows, iOS, etc
; require chap = yes
refuse pap = yes
require authentication = yes
name = LinuxVPNserver
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes

Last edited by freefall12; 04-20-2013 at 01:39 AM.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
L2TP/IPSec VPN Setup on Centos 6 ahm375 Linux - Networking 3 08-02-2014 11:03 AM
Setting up a L2TP VPN server ratcateme Linux - Networking 5 06-26-2013 07:29 AM
xl2tpd / ppp setup for an IPsec+L2TP VPn cchildress Linux - Networking 1 02-16-2013 06:17 PM
L2TP VPN Server on Centos vahab Linux - Server 1 12-23-2012 04:52 AM
L2TP VPN connections to an ISA Server kendoucet Linux - Networking 0 03-24-2004 08:07 AM

All times are GMT -5. The time now is 08:21 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration