L2TP/IPSEC

From Bashlinux
Revision as of 04:30, 11 June 2015 by Manpaz

How to set up a VPN for Android/iOS

  • The VPN is provided by L2TP/IPsec
  • Ports and protocols that need to be open on the firewall are:
    • UDP 500
    • UDP 4500
    • ESP (IP protocol 50)
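The following check is an added example, not part of the original page. It assumes the firewall is iptables and reads `iptables-save` output, reporting which of the three openings above have no explicit ACCEPT rule; the sample ruleset and all function names are constructed for illustration. It is deliberately conservative: broad rules that name no protocol or port are not counted, and rule order is not modelled.

```python
import shlex

# The three openings the page lists: (label, protocol, destination port or None).
REQUIRED = [("UDP 500", "udp", 500), ("UDP 4500", "udp", 4500), ("ESP", "esp", None)]
PROTO_NAMES = {"17": "udp", "50": "esp"}  # iptables accepts protocol numbers too

# Constructed sample (iptables-save format): 4500 opened for TCP, ESP mistaken for a UDP port.
SAMPLE = """\
*filter
:INPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p udp -m udp --dport 500 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 4500 -j ACCEPT
-A INPUT -p udp -m udp --dport 50 -j ACCEPT
COMMIT
"""

def opt(tok, *names):
    """Value following the first of the given option names, or None."""
    for name in names:
        if name in tok[:-1]:
            return tok[tok.index(name) + 1]
    return None

def covers(spec, port):
    """True if a --dport/--dports value ('500', '500,4500', '4000:5000') includes port."""
    for part in spec.split(","):
        lo, sep, hi = part.partition(":")
        low = int(lo or 0)
        if low <= port <= (int(hi or 65535) if sep else low):
            return True
    return False

def missing_openings(iptables_save_text, chain="INPUT"):
    """Labels from REQUIRED that have no explicit ACCEPT rule in the chain."""
    found = set()
    for line in iptables_save_text.splitlines():
        tok = shlex.split(line, comments=True)
        if tok[:2] != ["-A", chain] or "!" in tok or opt(tok, "-j") != "ACCEPT":
            continue  # other chains, negated matches and non-ACCEPT targets are ignored
        proto = opt(tok, "-p", "--protocol")
        proto = PROTO_NAMES.get(proto, proto)
        spec = opt(tok, "--dport", "--dports")
        for label, want_proto, want_port in REQUIRED:
            if proto == want_proto and (want_port is None or (spec and covers(spec, want_port))):
                found.add(label)
    return [label for label, _, _ in REQUIRED if label not in found]
```

Calling `missing_openings(SAMPLE)` flags UDP 4500 and ESP, because ESP has no ports and must be allowed with `-p esp` (or `-p 50`).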

How to set up a VPN client on iOS

Configure the VPN on iOS devices under Settings > General > Network > VPN > Add VPN Configuration

L2TP configuration

  • Description: Bashlinux VPN
  • Server: 10.20.30.40
  • Account: <your username>
  • RSA SecurID: OFF
  • Password: <your LDAP password>
  • Secret: 17eX19KR73oW58Jq
  • Send All Traffic: ON
  • Proxy: Off

How to tweak Zentyal to authenticate L2TP/IPsec users via LDAP through RADIUS

  • Change Service-Type to Framed-User instead of Login-User in /usr/share/zentyal/stubs/radius/users.mas
  • Add the secret key on both sides:
    • Server: in the Zentyal front-end
    • Client: in /etc/radiusclient/servers

References

  • VPN with LDAP authentication: https://safesrv.net/setup-l2tp-over-ipsec-to-authenticate-off-freeradius-on-ubuntu-11-10/
  • L2TP/IPSec with Zentyal/Freeradius and radiusclient1: https://safesrv.net/setup-l2tp-over-ipsec-to-authenticate-off-freeradius-on-ubuntu-11-10/
  • iPhone/iPad Settings: http://pleasefeedthegeek.wordpress.com/2012/04/21/l2tp-ubuntu-server-setup-for-ios-clients/