
VPN

pptp-client

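  1. Set up pptp-client. Two files need to be edited. Note that PPTP's MPPE encryption relies on MS-CHAP authentication, which is considered weak, so treat this tunnel as low-assurance. The first file is the peer definition, with the following content: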
    [root@mini peers]# pwd
    /etc/ppp/peers
    [root@mini peers]# cat apricot
    # written by pptpsetup
    pty "pptp 188.16x.xx9.x39 --nolaunchpppd"
    lock
    noauth
    nobsdcomp
    nodeflate
    name tonic9
    remotename apricot
    ipparam apricot
    require-mppe-128
    
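  1. Since the peer file uses name tonic9, we need to add user tonic9 to /etc/ppp/chap-secrets. The secret is stored there in plain text, so keep the file readable by root only and substitute your own strong secret for the value shown: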
    [root@mini peers]# grep tonic9 /etc/ppp/chap-secrets
    tonic9          apricot         "tonic@dmin"    *
    [root@mini peers]# 
    

xl2tp-server

On the server, we need to:

  1. Configure xl2tpd
    [root@Bluefin xl2tpd]# tail -15 /etc/xl2tpd/xl2tpd.conf
    
    [global]
    port = 1701
    access control = no
    
    [lns default]
    ;ip range = 10.90.100.240-10.90.100.250
    ;local ip = 10.90.100.254
    ip range = 10.50.30.1-10.50.30.200 
    local ip = 10.50.30.254
    require authentication = yes
    name = LinuxVPN
    pppoptfile = /etc/ppp/options.xl2tp
    
    [root@Bluefin xl2tpd]# 
    
  1. Put the following content in /etc/ppp/options.xl2tp
    [root@Bluefin ppp]# pwd
    /etc/ppp
    [root@Bluefin ppp]# cat options.xl2tp 
    noccp
    auth
    mtu 1410
    mru 1410
    nodefaultroute
    proxyarp
    silent
    debug
    ms-dns 8.8.4.4
    
    [root@Bluefin ppp]# 
    

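xl2tp-client without IPsec

Note: L2TP on its own does not encrypt traffic. Without IPsec, this tunnel is protected only by PPP authentication, so use it only across a network you already trust, or add IPsec.

Packages to install: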

sudo apt install xl2tpd ppp
  1. configure /etc/xl2tpd/xl2tpd.conf
    [root b2 xl2tpd ]# cat /etc/xl2tpd/xl2tpd.conf
    [global]
    access control = no
    auth file = /etc/ppp/chap-secrets
    debug avp = no
    debug network = no
    debug packet = no
    debug state = no
    ;debug tunnel = no[lac “lns name you specified on the server”]
    
    [lac vpnMikrotik]
    lns = 159.65.10.52
    require chap = yes
    require authentication = yes
    ppp debug = yes
    pppoptfile = /etc/ppp/options.xl2tpd
    require pap = no
    name = user1
    root b2 xl2tpd #
    

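2. Configure /etc/ppp/options.xl2tpd. This file stores the VPN password in plain text, so keep it readable by root only (for example, mode 0600):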

[root b2 ppp ]# cat /etc/ppp/options.xl2tpd 
ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-mschap-v2
noccp
noauth
idle 1800
mtu 1410
mru 1410
defaultroute
usepeerdns
debug
connect-delay 5000
name vpn_user
password vpn_password

[root b2 ppp ]# 
  1. Test the L2TP VPN client connection; the ppp0 interface should come up:
    echo "c vpnMikrotik" > /var/run/xl2tpd/l2tp-control
    

To disconnect:

echo "d vpnMikrotik" > /var/run/xl2tpd/l2tp-control

To debug, check the service log:

[root b2 ppp ]# journalctl -xeu xl2tpd.service