Install VPN Server with Linux

This is how I installed an L2TP/IPsec VPN server on a Debian squeeze Linux box at home. Now I can connect to the VPN from my iPhone, iPad and Windows 7 laptop.

Everything is taken from here, well documented by Steeve, but in case it disappears one day, and for my own information, I am adding it to my blog. For more detailed instructions and explanations, see his blog.

My local network is 192.168.1.0/24, the VPN server is 192.168.1.7 and my local DNS server is 192.168.1.8.

What do you need?

  • A Debian Linux box with
  • Openswan
  • xl2tpd

Install the software

During installation, choose not to use a certificate; we will use a pre-shared key.

Edit the file /etc/ipsec.conf. My local network is 192.168.1.0/24, so I changed the virtual_private line as follows:

In the same file, I also removed the warning about the certificate that appears when the service starts.

Then paste the following code at the end of the file

Now edit /etc/ipsec.secrets and add a line similar to this:

If your external IP is fixed, you can replace the first %any with your external IP; mine is not.

Then edit /etc/xl2tpd/xl2tpd.conf. I added the following to mine.

ip range is the set of LAN addresses reserved for the VPN clients; they should be removed from your DHCP range. local ip is the VPN server IP.

Now copy the file /etc/ppp/options to /etc/ppp/options.l2tp

and edit the new file /etc/ppp/options.l2tp

ms-dns is your local DNS server; name is a name that will be used in the next file.

Finally, add entries to /etc/ppp/chap-secrets to set up individual VPN users

mylogin is the client’s login. options-name must match the name parameter from the previous file, options.l2tp. The last parameter is the subnet and mask to match this client. It should be the range of your internal network.
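A consistency check for the two files just described, as an added example that is not part of the original post: it reports chap-secrets entries whose server field does not match the name option in options.l2tp, or whose address field is not inside the internal network. The name value l2tpd, the logins other than mylogin, and all secrets are constructed sample values.

```python
import ipaddress
import shlex

# Constructed sample files; "l2tpd" and every secret below are made-up values.
OPTIONS_L2TP = "ms-dns 192.168.1.8\nname l2tpd\n"
CHAP_SECRETS = (
    "# client  server  secret  address\n"
    'mylogin   l2tpd   "constructed-secret-1"  192.168.1.0/24\n'
    'guest     l2tpd   "constructed-secret-2"  *\n'
    'roaming   pptpd   "constructed-secret-3"  10.0.0.0/8\n'
)

def pppd_name(options_text):
    """Return the value of the pppd 'name' option, or None if absent."""
    for words in (shlex.split(l, comments=True) for l in options_text.splitlines()):
        if len(words) >= 2 and words[0] == "name":
            return words[1]
    return None

def audit_chap_secrets(options_text, chap_text, lan_cidr):
    """Return (line number, client, problem) tuples; secrets are never echoed."""
    lan = ipaddress.ip_network(lan_cidr)
    name = pppd_name(options_text)
    findings = []
    for lineno, line in enumerate(chap_text.splitlines(), 1):
        try:
            fields = shlex.split(line, comments=True)
        except ValueError:
            findings.append((lineno, "?", "unbalanced quote"))
            continue
        if len(fields) < 4:
            if fields:  # blank lines and comments are skipped silently
                findings.append((lineno, fields[0], "expected client, server, secret, address"))
            continue
        client, server, addresses = fields[0], fields[1], fields[3:]
        if server != name:
            findings.append((lineno, client, f"server {server!r} does not match name {name!r}"))
        for addr in addresses:
            try:
                net = ipaddress.ip_network(addr, strict=False)
                inside = net.version == lan.version and net.subnet_of(lan)
            except ValueError:  # wildcard "*", hostname or malformed address
                inside = False
            if not inside:
                findings.append((lineno, client, f"address {addr!r} is not a subnet of {lan}"))
    return findings

if __name__ == "__main__":
    print(*audit_chap_secrets(OPTIONS_L2TP, CHAP_SECRETS, "192.168.1.0/24"), sep="\n")
```

On a real server, pass in the contents of /etc/ppp/options.l2tp and /etc/ppp/chap-secrets instead of the sample strings.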

Now, if you want to access other computers on your LAN from your VPN client, you need to enable IP forwarding.

Of course, you need to forward the UDP ports from your internet gateway to your Linux box if you have one, and also open the ports in your Linux box firewall if it is activated. The ports are UDP 500, UDP 1701 and UDP 4500.

This procedure works fine for my iPhone and Windows 7 client.

For the Windows 7 client to work, you need to uncheck the “unsecure password PAP” box in the Security tab of the connection properties and check CHAP and MS-CHAP-V2. Also enter your PSK under the advanced parameters of the VPN type.

Charles

2 Comments

  1. You really make it seem so easy with your presentation but I find this matter to be really something that I think I would never understand. It seems too complicated and extremely broad for me. I am looking forward for your next post, I

  2. There square measure scores of totally different LINUX VPN server packages obtainable on the web these days. Initially look this would possibly really sound sort of a sensible factor. With lots of various software packages to choose from, one would possibly suppose that it makes putting in your own VPN abundant easier or higher. However, the reality is it really makes it a euphemism of lots harder and confusing. LINUX may be a extremely popular operating system for servers, and if you’re trying to line up a VPN of your own that runs one among the numerous variations of the operating system obtainable these days, then I powerfully suggest that you simply see link.
