Configuration of the VPNPTP service with the protocol L2TP+IPsec

Windows 7
To configure a VPN connection with L2TP+IPsec:
1- Open network and center to share in the Control Panel
  • Go to the Windows Menu, then Control Panel
  • Click on Network and Internet
  • Click on Network and Sharing Center
2- Click on Configure a new connection or network
  • Set up a new connection or network
3- Choose Connect with a workplace then Next
  • Connect to a workplace (Set up dial-up or VPN connection)
4- Click on Use my Internet Connection (VPN)
  • Use my Internet connection (VPN)
5- In the Internet address field, see in the UCP
  • Go Home -> Config L2TP+IPsec -> Server Name -> Choose server
6- In the Destination name field, type a descriptive name "VPNPTP Service".
7- Check Do not connect now then click on Continue
8- Enter your Username and password in their respective fields; leave the Domain field blank
9- See Remember this password
10- Click Create and then Close
11- Open VPN Connection Properties
  • On the Network and the Share Center, click on the Change Adapter settings
  • Right-click on your new connection and click Properties
12- Configure for L2TP/IPsec
  • On the security tab, change Type of VPN from Automatic to Protocol Tunneling Layer with IPsec (L2TP/IPsec)
  • The IPSec password is in UCP, Go Home -> Config L2TP+IPsec -> Password IPsec
To connect:
  • In the Windows Taskbar, click on the Network icon
  • Click on your new connection, and then click on the Connect button
  • Enter your Username and Password in the respective fields and click Connect
To disconnect:
  • Click on the Network icon in the taskbar
  • Click on the name of your VPN connection, then, Disconnect
Configuration with images:























Windows 10

1- Go to the configuration menu


2- Go Network & Internet menu


3- Go VPN menu | Add a VPN connection


4- Configure the VPN



NOTE:

- Server name or address: Go to UCP - See step 1 of the following image

- VPN Type: L2TP/IPsec with pre-shared key

- Pre-shared key: Go to UCP - See step 2 of the following image







VPN for MAC

Mac OS X includes a native VPN client. You can use the MacOSX VPN client to make an L2TP + IPsec VPN connection.

Follow the following steps:

1- On the Apple menu, select System Preferences.
2- Click on the icon Network.
3- Click on the "+" icon in the lower left corner to create a new network interface.
4- In the drop-down list Interface, select VPN.
5- In the drop-down list VPN type , select L2TP by IPSec.
6- In the Service Name text box, enter a name for this VPN connection, for example "US1 VPNPTP".
7- Click on Create.
8- In the Server Address text box, enter the name of the VPNPTP server you want to connect to (example, us1.vpnptp.com, see servers in the UCP).
9- In the Account Name text box, enter your VPN username with L2TP.
10- Click Authentication settings.
11- In the Password text box, enter the user's password.
12- VPNPTP is configured to use a pre-shared key as the authentication method of IPSec:
  • Select pre-shared key.
  • In the Shared Secret text box, enter the pre-shared key for this tunnel. The pre-shared key is in the (UCP).
13- Click Apply to save the configuration changes.

Run the L2TP Connection:

The name of the VPN connection is the name of the service that you used when you configured the L2TP connection on your PC.
To start the L2TP connection:

1- On the Apple menu, select System Preferences.
2- Click on the Network icon.
3- Select the VPN connection that you created in the Network dialog box.
4- Click on Connect.




VPN for LINUX

Follow the next steps, the commands must be executed as user "root":

- To configure the VPN client, first install the following packages:

# Ubuntu & Debian
apt-get update
apt-get -y install strongswan xl2tpd
# CentOS & RHEL
yum -y install epel-release
yum --enablerepo=epel -y install strongswan xl2tpd
# Fedora
yum -y install strongswan xl2tpd
Create the following of VPN variables:
VPN_SERVER_IP='The name of the VPN server'
VPN_IPSEC_PSK='IPsec pre shared key'
VPN_USER='User VPN'
VPN_PASSWORD='Password VPN'
Example:
VPN_SERVER_IP='eu1.vpnptp.com'
VPN_IPSEC_PSK='clave'
VPN_USER='luis'
VPN_PASSWORD='clave1234'
Configure strongSwan:
cat > /etc/ipsec.conf <<EOF
# ipsec.conf - StrongSwan IPsec configuration file

# Basic configuration

config setup
# strictcrlpolicy=yes
# uniqueids = no

# Add connections here.

# Sample VPN connections

conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
keyexchange=ikev1
authby=secret
ike=aes128-sha1-modp1024,3des-sha1-modp1024!
esp=aes128-sha1-modp1024,3des-sha1-modp1024!

conn vpnptp_conn
keyexchange=ikev1
left=%defaultroute
auto=add
authby=secret
type=transport
leftprotoport=17/1701
rightprotoport=17/1701
right=$VPN_SERVER_IP
EOF

cat > /etc/ipsec.secrets <<EOF
: PSK "$VPN_IPSEC_PSK"
EOF

chmod 600 /etc/ipsec.secrets
# ONLY For customers CentOS/RHEL & Fedora
mv /etc/strongswan/ipsec.conf /etc/strongswan/ipsec.conf.old 2>/dev/null
mv /etc/strongswan/ipsec.secrets /etc/strongswan/ipsec.secrets.old 2>/dev/null
ln -s /etc/ipsec.conf /etc/strongswan/ipsec.conf
ln -s /etc/ipsec.secrets /etc/strongswan/ipsec.secrets
Configure xl2tpd:
cat > /etc/xl2tpd/xl2tpd.conf < /etc/ppp/options.l2tpd.client < /var/run/xl2tpd/l2tp-control
Run ifconfig and verify the output. Now you should see a new ppp0 interface.

Check your existing default route:
ip route
Find this line in the output: by default through X.X.X.X .... Enter this IP of the gateway to use it in the two commands below.
Exclude the IP of your VPN server from the new default route (replace with the actual value):
route add YOUR_VPN_SERVER_IP gw X.X.X.X
If your VPN client is a remote server, you must also exclude the public IP from your local PC from the new default route, to prevent your SSH session from disconnecting (replace with the actual value):
route add YOUR_LOCAL_PC_PUBLIC_IP gw X.X.X.X
Add a new default route to start routing traffic through the VPN server:
route add default dev ppp0
The VPN connection is now complete. Verify that your traffic is being routed correctly:
To stop routing traffic through the VPN server:
route of the default dev ppp0
To disconnect:
# Ubuntu & Debian
echo "d vpnptp_conn" > /var/run/xl2tpd/l2tp-control
    ipsec down vpnptp_conn
# CentOS/RHEL & Fedora
echo "d vpnptp_conn" > /var/run/xl2tpd/l2tp-control
    echo "d vpnptp_conn" > /var/run/xl2tpd/l2tp-control
    strongswan down vpnptp_conn





VPN for ANDROID

Go to Adjustments -> More Adjustments -> VPN

Note: In other versions of android, this could be in Settings> Connections> More connection settings or Settings> More ...> Networks and Wireless.

Tap the sign + for Add VPN

Set up the account:

Name: Write for example: "VPNPTP US1"
Type: L2TP/IPSec PSK
Server address: Enter one of the server addresses provided in the UCP. (for example: us1.vpnptp.com)
L2TP Secret: (Leave blank)
Identifier IPSec: (Leave blank)
Pre-shared key: See UCP
Username: Name_of_user_count
Password: Password_of_the_account

Click on OK when finished!
Connect to the VPN!





VPN for IOS 7, 8 y 9

1- Start the Settings app, touch General, and then touch VPN

2- Click on Add VPN configuration ...

3- Press L2TP and enter the following information:

  • Description: "VPNPTP US1"
  • Server: Enter one of the servers in the LIST , for example: us1.vpnptp.com
  • Cuenta: Name_of_user_count
  • ContraseƱa: Password_of_the_account
  • Secreto: See UCP Pre-shared key.





VPN for MIKROTIK

We have to create a new L2TP interface:
/interface l2tp-client add name=VPNPTP_US1 connect-to=us1.vpnptp.com \
user=VPNTP password=1234 use-ipsec=yes ipsec-secret=XXXX disabled=no
Description:
  • Name: name the VPN, "VPNPTP_US1"
  • Connect-to: Address of one of the VPNPTP servers, example: us1.vpnptp.com
  • User: Name_of_user_count
  • Password: Password_of_the_account
  • Use-IPSec: yes
  • IPSec-Secret: See UCP Pre-shared key.

Now we configure the rules of the firewall and the routing: We assume that our LAN is 192.168.0.0/24
/ip firewall nat
/add action=masquerade out-interface=VPNPTP_US1 chain=srcnat
/ip firewall mangle
/add chain=prerouting action=mark-routing new-routing-mark=vpnptp passthrough=no \
src-address=192.168.0.0/24 comment=VPNPTP_US1
/ip route
/add dst-address=0.0.0.0/0 gateway=VPNPTP_US1 routing-mark=vpnptp