LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 07-17-2018, 06:21 AM   #1
Feanor
LQ Newbie
 
Registered: Sep 2010
Location: Police State
Distribution: Slackware
Posts: 23

Rep: Reputation: 1
L2TP over IPSEC


Hi Everyone

Messing around with networking, routing and tunneling has never been my strong suite, and my main workplace recently changed their VPN to an L2TP over IPSEC solution. Obviously I need to reconfigure.

I've been looking at the various projects supporting these protocols, and feel a little overwhelmed. Until now we've used a cheesy PPP connection, and I always battled with the firewall rules and connection parameters to maintain a decent stable connection. I don't quite trust myself to get it right, and the office techs (it being a largely windows shop), can't really help.

Ideally I'd like to be able to run a little shell script to make the new connection, and until it's disabled have all network traffic go via the VPN tunnel, to ensure no data leakage. For now, there is a password, and a shared secret. I will need to access wikis running on linux webservers in-house and available on the office LAN. If I can get a terminal to my office slackware machine, then I can do most things I'll need to do from there.

Any advice / recommendations on the best packages to use, and how best to string together the protocols?

Currently I'm looking at the possibility of http://slackbuilds.org/repository/14...rk/strongswan/ together with https://www.xelerance.com/software/xl2tpd/

Is this old document still relevant: http://www.jacco2.dds.nl/networking/linux-l2tp.html ?

Best regards
Feanor

Last edited by Feanor; 07-17-2018 at 07:11 AM.
 
Old 07-17-2018, 11:13 PM   #2
petslack
LQ Newbie
 
Registered: Apr 2009
Location: Sao Paulo, Brazil
Distribution: Slackware64-Current, CentOS, Debian, Kali
Posts: 16

Rep: Reputation: 3
Hi Feanor, I think this link should be helpful for you:
https://wiki.gentoo.org/wiki/IPsec_L2TP_VPN_server
 
Old 07-19-2018, 06:59 AM   #3
Feanor
LQ Newbie
 
Registered: Sep 2010
Location: Police State
Distribution: Slackware
Posts: 23

Original Poster
Rep: Reputation: 1
Thanks petslack, but that seems to be mostly server-specific - I'm just trying to connect a client to a pre-existing server.

This document makes it seem reasonably straightforward, except it's not clear what files are actually being edited, and what package they belong to: http://www.jacco2.dds.nl/networking/linux-l2tp.html

It's not clear to me how far I can get without hitting slackbuilds...

Last edited by Feanor; 07-19-2018 at 07:07 AM.
 
Old 07-19-2018, 09:15 AM   #4
petslack
LQ Newbie
 
Registered: Apr 2009
Location: Sao Paulo, Brazil
Distribution: Slackware64-Current, CentOS, Debian, Kali
Posts: 16

Rep: Reputation: 3
Hi Feanor,
In this example they're using l2tpd but as it's dead project you can use its fork rp-l2tp (it's as simple the original). Just copy the /etc/l2tp/l2tp.conf.example to /etc/l2tp/l2tp.conf and edit it as you wish.

rp-l2tp source: https://sourceforge.net/projects/rp-l2tp/

Personally, I prefer to use openl2tp, that's already in Slackbuilds.org.
 
Old 07-20-2018, 06:34 PM   #5
rkelsen
Senior Member
 
Registered: Sep 2004
Distribution: slackware
Posts: 2,098

Rep: Reputation: 445Reputation: 445Reputation: 445Reputation: 445Reputation: 445
Quote:
Originally Posted by petslack View Post
Personally, I prefer to use openl2tp, that's already in Slackbuilds.org.
So have you set this up to connect to an L2TP server?

If so, how did you get it working?
 
Old 07-23-2018, 06:27 PM   #6
PROBLEMCHYLD
Member
 
Registered: Apr 2015
Posts: 648

Rep: Reputation: Disabled
Quote:
Originally Posted by rkelsen View Post
So have you set this up to connect to an L2TP server?

If so, how did you get it working?
Do your client require certificates?
 
Old 07-23-2018, 10:32 PM   #7
petslack
LQ Newbie
 
Registered: Apr 2009
Location: Sao Paulo, Brazil
Distribution: Slackware64-Current, CentOS, Debian, Kali
Posts: 16

Rep: Reputation: 3
Quote:
Originally Posted by rkelsen View Post
So have you set this up to connect to an L2TP server?

If so, how did you get it working?
Hi rkelsen, I got it working some time ago in a Debian server and it was a simple config without Strongswan then...I didn't try to run openl2tp + Strongswan so.

If you want to take a look I put the results of a simple test that I ran today using Openl2tp in a Slackware64-Current (L2TP server) and Debian (L2TP client).
Attached Files
File Type: txt openl2tpd_tests.txt (9.3 KB, 10 views)
 
Old 11-06-2018, 12:50 AM   #8
rkelsen
Senior Member
 
Registered: Sep 2004
Distribution: slackware
Posts: 2,098

Rep: Reputation: 445Reputation: 445Reputation: 445Reputation: 445Reputation: 445
Quote:
Originally Posted by PROBLEMCHYLD View Post
Do your client require certificates?
Apologies for the delays in replying... No, it doesn't.

The VPN "server" is actually a Draytek router, which I can connect to with Windows... Just looking to do the same with Slackware.

We're using a shared key.

All I have is my username, password, shared key and IP address.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
VPN with l2tp over ipsec rafspiny Linux - Networking 2 11-15-2015 06:27 AM
IPSEC - why would one want to use L2TP in addition? psycroptic Linux - Server 2 11-09-2014 11:45 AM
IPSec and L2TP - why combine them hahacc Linux - Networking 3 10-31-2013 06:17 AM
IPSEC with L2TP in linux shesha_gp Linux - Server 4 04-29-2010 10:11 AM
IPSec/L2TP mahesh_sonawane Linux - Networking 1 06-04-2007 02:32 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 03:03 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration