What is L2TP Protocol?
L2TP, short for “Layer 2 Tunneling Protocol“, is one of the most popularly used encryption protocols with VPN services using UDP port 1701. L2TP is an extension of PPP protocol, however, it is more secure and technologically advanced than its predecessor, PPTP. Furthermore, L2TP does not provide strong encryption or authentication on its own, it is frequently paired with IPsec protocol to make sure that the VPN connection is secure, hence, the term L2TP/IPsec.
Advantages & Disadvantages of L2TP
When it comes to speed and security, L2TP/IPsec is slower than PPTP. However, it is more secure as it uses AES-256 bit encryption. Compared to OpenVPN, L2TP/IPsec is much faster because it allows multi-threading in the Kernel which cannot be carried out with OpenVPN. On the other hand, OpenVPN is much more secure than L2TP/IPsec because IPsec uses UDP port 500 which can be detected and blocked by some firewalls.
In addition, L2TP/IPsec is compatible with multiple platforms, such as: Linux, Windows, Mac OS, iOS, Android, etc. It is equally easy to configure as well.
In this guide, we will help you configure L2TP on your Linux system, step-by-step with pictures. Scroll down for more details.
Setting-up L2TP/IPsec on Linux
1- First, you need to install “network-manager-l2tp” from Ubuntu’s Personal Package Archives (PPA).
2- You can install “network-manager-l2tp” using the following command:
sudo add-apt-repository ppa:nm-l2tp/network-manager-l2tp sudo apt-get update sudo apt-get install network-manager-l2tp
3- Once the installation is complete, you need to configure the build using this command:
./configure \ --disable-static --prefix=/usr \ --sysconfdir=/etc --libdir=/usr/lib/x86_64-linux-gnu \ --libexecdir=/usr/lib/NetworkManager \ --localstatedir=/var \ --with-pppd-plugin-dir=/usr/lib/pppd/2.4.7
4- Next, make the build:
make sudo make install
5- Now, remove AppArmor IPsec settings:
sudo apparmor_parser -R /etc/apparmor.d/usr.lib.ipsec.charon sudo apparmor_parser -R /etc/apparmor.d/usr.lib.ipsec.stroke
6- Replace x2ltpd with libpcap:
sudo apt remove xl2tpd sudo apt install libpcap0.8-dev wget https://github.com/xelerance/xl2tpd/archive/v1.3.6/xl2tpd-1.3.6.tar.gz tar xvzf xl2tpd-1.3.6.tar.gz cd xl2tpd-1.3.6 make sudo make install
7- Restart your device to apply the changes you made.
8- Open Network Manager, the L2TP/IPsec VPN connection should now be available to use.
Congratultions! You have successfully configured L2TP/IPsec on Linux device.