<WOWHDR>

Ubuntu: VPN Client Command Line

by

Website Admin
in

#1. Install these packages.

apt update && apt install strongswan xl2tpd -y

#2. Edit /etc/ipsec.conf.

conn L2TP-PSK
  authby=secret
  auto=add
  keyexchange=ikev1
  keyingtries=3
  dpddelay=30
  dpdtimeout=120
  dpdaction=clear
  rekey=yes
  ikelifetime=8h
  keylife=1h
  type=transport
  left=%defaultroute
  leftprotoport=17/1701
  right=<vpn-server-ip>
  ike=aes128-sha1-modp2048
  esp=aes128-sha1-modp2048

For Cloudraya IPSec (minimal) setting:

conn L2TP-PSK
  ike=aes128-sha1-modp2048
  esp=aes128-sha1

#3. Edit /etc/ipsec.secrets.

: PSK "<pre-shared-key>"

#4. Start the ipsec.

service ipsec start

#5. Connect the ipsec.

ipsec up L2TP-PSK

#6. Disconnect the ipsec.

ipsec down L2TP-PSK

#7. Edit /etc/xl2tpd/xl2tpd.conf.

[lac vpn-connection]

lns = <vpn-server-ip>
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes

#8. Edit /etc/ppp/options.l2tpd.client.

ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-mschap-v2
noccp
noauth
idle 1800
mtu 1410
mru 1410
defaultroute
usepeerdns
debug
connect-delay 5000
name <vpn-username>
password <vpn-password>

#9. Start xl2tpd.

service xl2tpd start

#10. Connect L2TP.

echo "c vpn-connection" > /var/run/xl2tpd/l2tp-control

#11. Disconnect L2TP.

echo "d vpn-connection" > /var/run/xl2tpd/l2tp-control

#12. Check IP address. You should have a new interface called PPP0.

ip address

4: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1410 qdisc fq_codel state UNKNOWN group default qlen 3

#13. You can check log for ipsec and xl2tpd at /var/log/syslog.

tail -f /var/log/syslog

#14. Check the ip route.

ip route

#14. Add route to VPN network if needed.

ip route add <target-network>/<target-subnet> via <ppp0-gateway> dev ppp0

References:

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *