I'll start by saying, I am not a linux administrator. I've had the unfortunate pleasure of recently acquiring a customer who has a broad network full of Windows / Linux hosts / servers without any documentation from the previous admin.

That said, I have a problem. There is currently a Ubuntu 14.04.3 64-bit host in my ESXi environment that in theory was utilized for VPN access previously. I can verify that the previous notes on the communication to this device are accurate. The external DNS translates through the firewall and routes to this host as expected. Authentication to the host is done through a L@TP/IPsec with a pre-shared key. I can verify I can connect to the host, but no username or password combination I have works.

Initially, I was unable to access this device locally at all (no passwords were correct). I've since rebooted into GRUB, reset the root user, and gave myself access.

Looking through the list of local users, I do not see any of the users who previously utilized this connection. This makes me think the authentication may have been through LDAP or something else at some point.

Looking through the list of applications, I do not see any application that relates to VPN functionality (ex: openvpn).

Essentially, I'm just looking for some help on divining exactly how to figure out which application is resolving the authentication queries, where those queries are going, and how to create new users with access to this VPN tunnel.



P.S. Not looking for, "Use another VPN or build something else". While that project is underway and I will eventually use an SSLVPN tied directly to my firewall, I'm looking for specific answers to my query.

The logs don't seem to indicate anyone using the VPN from that machine. Perhaps it was active or installed, but never used.

I'm moving this thread to the Server forum to gain it some better exposure.

I don't know why your title says Debian client and the content says Ubuntu 14.04.

By the way, 14.04 is pretty old.

What are you using to connect to the host?