linux
Vitaly, 2018-06-05 15:33:09

How to connect l2tp IPSec client on Linux to Mikrotik?

All the best! I tried a lot of options, but connecting from Linux to Mikrotik via L2TP over IPsec did not work out; in most cases the error was "failed to start"...
The settings on the Mikrotik side are correct, since I connect to this VPN from phones (Android, iOS) and from Windows and macOS without problems.
UPD
I set up the VPN on Ubuntu according to this manual.
/etc/ipsec.conf

# ipsec.conf - strongSwan IPsec configuration file
# basic configuration
config setup
 # strictcrlpolicy=yes
 # uniqueids = no
# Add connections here.
# Sample VPN connections
conn %default
 ikelifetime=60m
 keylife=20m
 rekeymargin=3m
 keyingtries=1
 keyexchange=ikev1
 authby=secret
 ike=aes128-sha1-modp1024,3des-sha1-modp1024!
 esp=aes128-sha1-modp1024,3des-sha1-modp1024!
conn myvpn
 keyexchange=ikev1
 left=%defaultroute
 auto=add
 authby=secret
 type=transport
 leftprotoport=17/1701
 rightprotoport=17/1701
 right=$VPN_SERVER_IP

/etc/ipsec.secrets
: PSK "$VPN_IPSEC_PSK"

Then:
mkdir -p /var/run/xl2tpd
touch /var/run/xl2tpd/l2tp-control
service strongswan restart
service xl2tpd restart
ipsec up myvpn
Then IPsec comes up.
Then I try to bring up L2TP:
echo "c myvpn" > /var/run/xl2tpd/l2tp-control

but for some reason there is no new ppp0 interface in ifconfig :(


2 answer(s)
Sergey, 2018-06-05
@feanor7

You didn't even describe what you were doing.
xl2tpd+ipsec work fine. Specify exactly where you are stuck.

Daimos, 2019-02-21
@Daimos

Here is my working config with Mikrotik
ipsec.conf

# basic configuration
config setup
 # strictcrlpolicy=yes
 # uniqueids = no
 # Add connections here.
 # Sample VPN connections
conn ipsec-my
 ikelifetime=60m
 keylife=20m
 rekeymargin=3m
 keyingtries=1
 keyexchange=ikev1
 authby=secret
 ike=aes128-sha1-modp2048!
 esp=aes128-sha1-modp2048!
conn myvpn
 keyexchange=ikev1
 left=%defaultroute
 auto=add
 authby=secret
 type=transport
 leftprotoport=17/1701
 rightprotoport=17/1701
 right=vpnserverip.com # address of VPN server
 rightid=localip_of_mikrotik # without this option you will get error RightID mismatch

/etc/ipsec.secrets

/etc/xl2tpd/xl2tpd.conf
[lac myl2tp]
 lns = vpnserverip.com 
 ppp debug = yes
 pppoptfile = /etc/ppp/options.l2tpd.client
 length bit = yes

/etc/ppp/options.l2tpd.client
ipcp-accept-local
 ipcp-accept-remote
 refuse-eap
 require-mschap-v2
 noccp
 noauth
 #idle 1800
 mtu 1460
 mru 1460
 #defaultroute
 usepeerdns
 lock
 persist
 maxfail 10
 holdoff 15 # interval between connection attempts
 connect-delay 5000
 name YOUR_LOGIN
 password YOUR_PASSWORD

But you still need to look at what profiles are configured in the MikroTik itself.
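
Added example, not part of either post and not strongSwan's own code: a small Python check that resolves `conn %default` and `also=` inheritance in an ipsec.conf and reports which `ike=`/`esp=` proposals each connection actually ends up with. The list of flagged algorithms, the function names and the single level of `also=` handling are assumptions of this example; the two sample configs are trimmed from the ones posted above.

```python
import re
# Legacy algorithms flagged by this example (its own choice, not from the page).
WEAK = ("3des", "md5", "modp768", "modp1024")

def parse(text):
    """Return {conn_name: {key: value}}; 'config setup' is skipped."""
    conns, cur = {}, None
    for raw in text.splitlines():
        line = re.sub(r"(^|\s)#.*", "", raw).strip()  # drop comments
        words = line.split()
        if len(words) == 2 and words[0] in ("conn", "config"):
            cur = conns.setdefault(words[1], {}) if words[0] == "conn" else None
        elif cur is not None and "=" in line:
            key, _, val = line.partition("=")
            cur[key.strip()] = val.strip()
    return conns

def effective(conns, name):
    """%default first, then one level of also=, then the conn's own keys."""
    also = conns.get(conns[name].get("also"), {})
    return {**conns.get("%default", {}), **also, **conns[name]}

def audit(text):
    """List findings for every conn section except %default."""
    conns, out = parse(text), []
    referenced = {c.get("also") for c in conns.values()}
    for name in (n for n in conns if n != "%default"):
        eff = effective(conns, name)
        if "right" not in eff:  # no peer: a template, not a connection
            if name not in referenced:
                out.append(f"{name}: never inherited (no also={name})")
            continue
        for key in ("ike", "esp"):
            if key not in eff:
                out.append(f"{name}: no {key}= set, daemon defaults apply")
            out += [f"{name}: {key} offers {a}" for a in WEAK if a in eff.get(key, "")]
    return out

# Sample input trimmed from the question's config and the second answer's config.
QUESTION = """conn %default
 ike=aes128-sha1-modp1024,3des-sha1-modp1024!
 esp=aes128-sha1-modp1024,3des-sha1-modp1024!
conn myvpn
 right=$VPN_SERVER_IP"""
ANSWER = """conn ipsec-my
 ike=aes128-sha1-modp2048!
 esp=aes128-sha1-modp2048!
conn myvpn
 right=vpnserverip.com"""
```

`audit(ANSWER)` reports that `ipsec-my` is never pulled into `myvpn`, so its `ike=`/`esp=` lines have no effect there; adding `also=ipsec-my` under `conn myvpn` clears the findings.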
