Changes

L2TPD/IPSEC does not need any special software configuration on your clients. It is supported on a very large number of modern mobile phones and laptops. Please note that not every phone or device will support L2TPD/IPSEC out of the box.

L2TPD/IPSEC does not need any special software configuration on your clients. It is supported on a very large number of modern mobile phones and laptops. Please note that not every phone or device will support L2TPD/IPSEC out of the box.

The device first calls the server via ipsec and makes and encrypted connection. But it has no networking information. xl2tpd then makes a ppp connection through that encrypted ipsec connection.and get its network information at this point.

The device first calls the server via ipsec and makes and encrypted connection. But it has no networking information. xl2tpd then makes a ppp connection through that encrypted ipsec connection and get its network information at this point.

Once implemented you can disable PPTP, which will be good for you and your users.

Once implemented you can disable PPTP, which will be good for you and your users.

This is because pure ipsec usually relies on having connections from specific IP address / and or IDs / Certificates. To accept mobile clients, which could come from pretty well any IP address, we need to tell out L2TPD Ipsec configuration to accept connections from anywhere.  

This is because pure ipsec usually relies on having connections from specific IP address / and or IDs / Certificates. To accept mobile clients, which could come from pretty well any IP address, we need to tell out L2TPD Ipsec configuration to accept connections from anywhere.  

The potential issue is if you try a pure Ipsec connection that does not have a correct configuration in the database/configuration, it may try to connect via the L2TPD connection. That will not break anything, but you may experience odd results from the client  

The potential issue is if you try a pure Ipsec connection that does not have a correct configuration in the database/configuration, it may try to connect via the L2TPD connection. That will not break anything, but you may experience odd results from the client.

Please note that you can enable or disable L2TPD VPN access for users via the Server Manager.  

Please note that you can enable or disable L2TPD VPN access for users via the Server Manager.  

These links discuss the implementation and the creation of this page.

These links discuss the implementation and the creation of this page:

https://forums.contribs.org/index.php/topic,53021.0/all.html

https://forums.contribs.org/index.php/topic,53021.0/all.html

Some further reading can be found on this page:

Some further reading can be found on this page:

https://github.com/reetp/smeserver-libreswan-xl2tpd/blob/master/ipsecXl2tpd.Notes

https://github.com/reetp/smeserver-libreswan-xl2tpd/blob/master/ipsecXl2tpd.Notes

{{Note box|Server MUST be in Server/Gateway mode for this to be enabled}}

{{Note box|Server MUST be in Server/Gateway mode for this to be enabled}}

The smeserver-libreswan-xl2tpd contrib is currently in the development repo at Contribs

The smeserver-libreswan-xl2tpd contrib is currently in the development repo at Contribs