L2TP (VPN) for Linux Debian
First of all, please make sure you are logged into root.
1. Install necessary packages.
apt-get -y install openswan xl2tpd
2. Modify /etc/ipsec.conf It should look as follows:
# Replace wlan0 with your network interface
# Replace YOUR_IP with your local IP
# Replace PROXYSH_IP with the L2TP IP shown in your welcome email or panel's service details
3. Modify /etc/ipsec.secrets - you need to add there one line replacing 1st IP with your local IP, 2nd - with your VPN server's IP and using appropriate pre-shared key ("security") between quotes e.g.
220.127.116.11 18.104.22.168 : PSK "security"
4. Modify /etc/xl2tpd/xl2tpd.conf - while PROXYSH_IP should be the proxy.sh L2TP IP, it should look as follows (you may replace vpn-sf14 with any other identifier):
lns = PROXYSH_IP
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
5. Create /etc/ppp/options.l2tpd.client with following contents replacing your proxy.sh credentials:
6. Create a route to VPN server IP via your current default gateway (or ppp device if applicable). Example:
ip ro ad PROXYSH_IP via YOUR_IP
7. Restart openswan and xl2tpd:
invoke-rc.d ipsec restart
invoke-rc.d xl2tpd restart
8. Startup sequence:
ipsec auto --up L2TP-PSK
echo "c vpn-sf14" > /var/run/xl2tpd/l2tp-control
9. Shutdown sequence:
echo "d vpn-sf14" > /var/run/xl2tpd/l2tp-control
ipsec auto --down L2TP-PSK
Note that 'vpn-sf14' and 'L2TP-PSK' are identifiers used in appropriate config files.
If you wish to start VPN with the system boot, you will need to place startup commands in /etc/rc.local directory.
9. You are now ready to start using VPN. Enjoy!
Please note that the following versions were used for this tutorial: kernel 2.6.32-5, openswan 1:2.6.28+dfsg-1, xl2tpd 1.2.7+dfsg-1.
NB: If you encounter difficulties to connect with L2TP, please try to switch to OpenVPN. OpenVPN is more reliable, more secure and more flexible. OpenVPN also allows you to try various ports, including 'discreet' ones such as TCP 443. Below, you will find an aggregate of useful guides and articles that will help you troubleshoot your problems, should you have any.
Guide for setting up Safejumper (OpenVPN) on Linux Debian.
I cannot find the .ovpn and .crt files necessary for OpenVPN. Where are they?
No matter how hard I try, I cannot succesfully connect to OpenVPN.
I can't access any website through my browser while connected to VPN.
I am connected to the VPN but my IP is not yet hidden. Help!
I am having some kind of other problem. Where can I find some help?
How can I find the local log files of my VPN client?
If you still cannot connect successfully, please open a support ticket and include either a copy of your logs or a screenshot of your configuration and encountered errors. Logs can usually be found in software menus or settings, as well as their directories of installation (.log or .txt files). If you do not include a log or a screenshot, it will be hard for us to help you resolve the issues you have with connecting to our network.