Blog

How to instal L2TP server to connect from routers?

I have some old TP-LINK & D-LINK routers which have L2TP connection features on them.
For network speed at my home, I had to buy a VPS in my city. I could easily install Squid proxy on the VPS and connect through it. But, this way I was required to set proxy on all of my devices which was a pain. So, I decided to do this setup on my router itself. But, none of my routers have proxy features.

These are the routers I have TP-LINK MR-3020 & D-LINK DIR-600.
But, as these are standard routers, setup remains pretty much the same for configuring L2TP on every router.

Here is a L2TP settings screenshot from TP-LINK MR-3020 router.

For secure L2TP to work we need these settings.

username
password
server ip/domain
PSK (pre-shared) key

But, as you can see router does not have the option to add PSK.
This gave me a hard time because all tutorials/guides out there on Google search take me to a secure PSK involved L2TP setup only.
So, the question came up that how do I install a L2Tp server which will work for router without PSK?

I started an ExpressVPN trial and configured there L2Tp settings on my router and it worked.
But, still I did not want to pay for VPN and I wanted only speed and not security.

So, the setup I needed was very simple: My router -> My city's VPS server -> Whole Internet. That’s all.

Here is the article that helped me: https://linuxscriptshub.com/configure-l2tp-ipsec-vpn-ubuntu-1604/
Please follow it step by step and DO NOT FORGET to change the Server IP with your VPS server IP.

In the /etc/xl2tpd/xl2tpd.conf file, you have to add tabs after the line which says [global] or the xl2tpd server will not start.

So, it should be like this.


[global]
    ipsec saref = yes
    saref refinfo = 30
    ;debug avp = yes
    ;debug network = yes
    ;debug state = yes
    ;debug tunnel = yes
    [lns default]
    ip range = 192.168.30.2-192.168.30.254
    local ip = 192.168.30.1
    refuse pap = yes
    require authentication = yes
    ;ppp debug = yes
    pppoptfile = /etc/ppp/options.xl2tpd
    length bit = yes

Please check the status if both xl2tpd and strongswan services are running. Otherwise you will have to fix your mistakes.


service xl2tpd status
service strongswan status

When both services are working just stop the strongswan service as it is not needed.
Configure the router with these settings which you used while installing using the guide link above.
You will need PSK key while doing the setup but not after that.


username
password
server ip/domain

It worked every time. I tried on 3-4 servers and using happily so far.
The connection is very much stable and does not break even for weeks until there is a power failure or network disconnection.

Cheers!

Leave a Reply

Your email address will not be published. Required fields are marked *