I need to configure an L2TP/IPsec VPN server for a friend. For this I used Vyatta, or rather its forked version, VyOS.

Network Access Requirements

  • L2TP traffic – UDP 1701
  • Internet Key Exchange (IKE) – UDP 500
  • IPsec NAT Traversal (NAT-T) – UDP 4500

L2TP Setup

set vpn l2tp remote-access outside-address X.X.X.X

set vpn l2tp remote-access client-ip-pool start X.X.X.100

set vpn l2tp remote-access client-ip-pool stop X.X.X.200

Authentication

set vpn l2tp remote-access ipsec-settings authentication mode pre-shared-secret

set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret FACEBOOK

set vpn l2tp remote-access authentication mode local

set vpn l2tp remote-access authentication local-users username test password test

IPsec Setup

set vpn ipsec ipsec-interfaces interface eth0

set vpn ipsec nat-traversal enable

set vpn ipsec nat-networks allowed-network 0.0.0.0/0

Commit / Save

Run commit, then test the connection; if everything works, run save.
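
A check to run over the commands above before committing them, as an added example that is not part of the original post: it parses the `set` lines, confirms the statements this setup depends on are present, and flags a short pre-shared secret or a local-user password that is short or equal to the username. The function names and the length thresholds are assumptions of this example.

```python
import shlex

# Sample input: the commands from this page, placeholders (X.X.X.X) kept as-is.
PAGE_CONFIG = """\
set vpn l2tp remote-access outside-address X.X.X.X
set vpn l2tp remote-access client-ip-pool start X.X.X.100
set vpn l2tp remote-access client-ip-pool stop X.X.X.200
set vpn l2tp remote-access ipsec-settings authentication mode pre-shared-secret
set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret FACEBOOK
set vpn l2tp remote-access authentication mode local
set vpn l2tp remote-access authentication local-users username test password test
set vpn ipsec ipsec-interfaces interface eth0
set vpn ipsec nat-traversal enable
set vpn ipsec nat-networks allowed-network 0.0.0.0/0
"""

L2TP = ("vpn", "l2tp", "remote-access")
REQUIRED = [  # statements this page's setup depends on
    L2TP + ("outside-address",),
    L2TP + ("client-ip-pool", "start"),
    L2TP + ("client-ip-pool", "stop"),
    ("vpn", "ipsec", "ipsec-interfaces", "interface"),
    ("vpn", "ipsec", "nat-traversal", "enable"),
]
MIN_PSK_LEN, MIN_PASSWORD_LEN = 20, 12  # assumed thresholds, not VyOS limits

def parse(text):
    """Return each 'set' command as a tuple of tokens, without the 'set'."""
    lines = (shlex.split(line) for line in text.splitlines())
    return [tuple(t[1:]) for t in lines if t and t[0] == "set"]

def audit(text):
    """Return a list of findings for an L2TP/IPsec remote-access config."""
    cmds, findings = parse(text), []
    for path in REQUIRED:
        if not any(c[:len(path)] == path for c in cmds):
            findings.append("missing: set " + " ".join(path))
    psk = L2TP + ("ipsec-settings", "authentication", "pre-shared-secret")
    users = L2TP + ("authentication", "local-users", "username")
    for c in cmds:
        # "... pre-shared-secret <secret>": one value after the path
        if c[:6] == psk and len(c) == 7 and len(c[6]) < MIN_PSK_LEN:
            findings.append("weak pre-shared secret")
        # "... username <user> password <password>"
        if c[:6] == users and len(c) == 9 and c[7] == "password":
            user, password = c[6], c[8]
            if password == user or len(password) < MIN_PASSWORD_LEN:
                findings.append(f"weak password for user {user}")
    return findings
```

Calling `audit(PAGE_CONFIG)` on the commands as written reports the placeholder secret and the test account; replace both with long random values before the server is reachable from the internet.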