Layer 2 Tunnelling Protocol is a layer 7 networking protocol which provides an unsecure layer 2 tunnel. It runs on top of UDP, and is commonly used to carry PPP sessions. Security is usually provided with the addition of IPsec.
Questions tagged [l2tp]
201 questions
35
votes
3 answers
Which ports for IPSEC/LT2P?
I have a firewall/router (not doing NAT).
I've googled and seen conflicting answers. It seems UDP 500 is the common one. But the others are confusing. 1701, 4500.
And some say I need to also allow gre 50, or 47, or 50 & 51.
Ok, which ports are…
hookenz
- 14,848
21
votes
2 answers
Is it possible for L2TP VPN to do auto route configuration for client during connected?
We've setup a L2TP VPN server with this tutorial, everything works like a charm.
The only issue is
We don't want client to route all traffic using this VPN, only a particular subnet, e.g. 10.0.0.0/20
On Mac, we need to set the route manually using…
Howard
- 2,275
10
votes
2 answers
L2TP/IPSec from Windows 7 to ASA 5520
I am trying to setup L2TP/IPSec on our ASA5520 to support a fringe case for one of our developers. The Windows VPN subsystem apparently stores the kerberos or NTLM cookie for the login when you use the built-in vpn subsystem, and the Cisco VPN…
Peter Grace
- 3,496
8
votes
1 answer
If IPSec has its own IP tunnel support why do some add LT2P to the stack?
I understand that you can use IPSec to tunnel data securely. According to the Wikipedia page and a few other sources it can also tunnel IP packets and then route them through an interface. That would create a VPN where one subnet would be able to…
Silverfire
- 800
6
votes
1 answer
How do I bypass my VPN when making requests to IPs in my local network?
I have L2TP VPN connection on my Ubuntu laptop and I want to connect to a server in my local network. How do I do so by bypassing the VPN connection?
6
votes
3 answers
Simple L2TP/IPsec server not working (openswan, xl2tpd, Ubuntu, Windows)
I configured openswan and xl2tpd on an Ubuntu 12.04 server (on EC2) by following various tutorials/documentation which seem to largely say the same things, but most recently this one.
However, my attempts to connect from Windows (which I configured…
xyzzyrz
- 1,685
6
votes
3 answers
L2TP client for Ubuntu
It's easy enough to get a pptp client going on a Ubuntu 9.04 (Jaunty) desktop:
sudo apt-get install network-manager-pptp
However, I can't seem to find documentation find a corresponding L2TP client to connect to our Windows VPN server at work…
nedm
- 5,710
5
votes
1 answer
Setting up site-to-site IPsec in bridged mode
I'd like to set up site-to-site IPsec in bridged mode: that is, where the hosts in each site don't need to be modified to use the IPsec gateway, but the IPsec gateway acts as a pseudowire.
My plan to do this is:
Set up host-to-host IPsec on each…
SRobertJames
- 63
5
votes
1 answer
VPN server not responding, no indications of blocked traffic
I have a Mac OS X Server (10.9) machine running a L2TP/IPSec VPN server. Configuration appears to be fine, and the hostname of both the server and the VPN is set to a DynDNS hostname. The server is configured behind an AirPort Extreme router with…
jstm88
- 767
- 2
- 9
- 21
5
votes
1 answer
Configuring OS X L2TP VPN to use Certificate for IPSEC layer instead of Pre Shared Key
I'm trying to setup a L2TP VPN on an OS X Snow Leopard Server setup, and have had success using a pre-shared key, however I would rather not rely on a simple string, and use a certificate instead.
Setting this up on the server side is seemingly…
Matthew Savage
- 538
5
votes
1 answer
Configuring L2TP VPN to use with iOS 14 and macOS Big Sur
After Apple did this in Big Sur OS I can't connect to my own VPN on Libreswan 3.27 (netkey) on 3.10.0-1160.6.1.el7.x86_64
Starting with iOS 14 and macOS Big Sur (coming soon), IPsec supports
HMAC-SHA-256 with L2TP VPN. To make sure that VPN client…
megamosk
- 53
4
votes
0 answers
L2TP ipsec using network-manager-l2tp and strongswan ubuntu 18.04
The VPN works flawlessly on OSX and Windows 10 but no luck with ubuntu
VPN gets connected on ubuntu using
Phase1 Algorithms : 3des-sha1-modp1024
Phase2 Algorithms : 3des-sha1
And in 10 seconds gets disconnected with the below msgs
…
f4r4
- 143
4
votes
1 answer
How to setup L2TP IPsec VPN server on Windows Server 2008 R2?
The Windows 2008 R2 (SBS) machine was earlier setup to run a PPTP VPN server. Due to security concerns I do want to replace the PPTP by L2TP/IPsec VPN server.
The server is behind a NAT router where 3 forward rules to the Windows Server are…
Pro Backup
- 1,024
4
votes
1 answer
Forwarding VPN via reverse SSH tunnel
I have a server that reverse ssh tunnels to a secondary server. The secondary server then acts as a "bridge" to the internal server (the external server's IP address is what I connect to).
This works fine for most services (files, ssh, etc.) but…
jstm88
- 767
- 2
- 9
- 21
4
votes
2 answers
I can connect, but cannot ping/route to remote VPN computers
Setup:
L2TP VPN Server on a Windows Server 2008 machine which is behind a router, which is behind a modem/router.
Modem/Router (IP: 192.168.2.1, Subnet: 255.255.255.0, DHCP serves 192.168.2.2 to router)
----|_ Router (IP: 192.168.2.2, Subnet:…
JakeTheSnake
- 363