Monday 23 August 2010

Vyatta - Remote Access VPN with L2TP and PPTP

Hi,

I have done a remote access VPN lab before, with OpenVPN. This one uses the more widely accepted L2TP and PPTP. So accepted, in fact, that both the iPhone and the iPad like it too.

So here we go: how to configure a VM to allow remote access from iPhone, iPad and Windows XP.

Part1:
Introduction
Setup

Vyatta - Remote Access VPN - L2TP,PPTP -Part1 from Roggy on Vimeo.



Part2:
Setup Continued

Vyatta - Remote Access VPN - L2TP,PPTP -Part2 from Roggy on Vimeo.



Part3:
Actually Configuring L2TP and PPTP

Vyatta - Remote Access VPN - L2TP,PPTP -Part3 from Roggy on Vimeo.



Part4:
Setting up Firewall

Vyatta - Remote Access VPN - L2TP,PPTP -Part4 from Roggy on Vimeo.

18 comments:

Unknown said...

Thanks Roggy. I added a link to this on - Vyatta User Submitted Tutorials

colorblind said...

Hey Roggy, is it possible to get hold of you by mail? It might just be me that has gotten my brain too scrambled up by traveling in India, but I would really like to send you an email.

I'm currently working on a project for a non-profit NGO in India and I have questions I am quite sure you would be able to help me with :)

Best wishes.

Roggy said...

Add me on twitter then DM me

colorblind said...

I am officially now on twitter hehehe, and following your channel.. tweet ?..twitter ? Anyway.. I can't see the direct message or DM button in your channel so it makes it kinda hard.. It might just be because I am totally confused about all this tweet stuff, but there might be a more logical reason :)

Troy B said...

Roggy,

First of all, amazing tutorials! Thank you!

Does the L2TP configuration allow for split-tunneling? If I'm not mistaken the configuration you ran through in this tutorial sent all traffic down the VPN not just the traffic that was local to the GlobalCorp network.

Thanks

Troy

lordalfa said...

Excellent tutorial. Now to setup for my home services dial up for cameras, asterisk, exchange etc.

bakrir said...

Great Videos!!! Do you happen to have a configuration template that I can follow? that would be great.

ultrabizweb said...

Another great tutorial, Roggy. I watched and tested out your OpenVPN tutorial a while back and it took me a little bit but I did get it to work. I was wondering if you have any site-to-site tutorials for Vyatta to Vyatta using IPsec. I see a lot of Cisco ASA to Vyatta but not Vyatta to Vyatta. I am sure it is simple enough to do, but a tutorial would be awesome as I might be setting up 6 offices and I want to connect them all using IPsec tunnels. I figured I would use OSPF for my routing protocol.

Much thanks for all your hard work.
Have you thought about writing a book?
You should, an ebook or something. I would buy it.

Roggy said...

Glad you guys like the video :)
Troy: Not really; split tunneling is best done with IPsec using client software like Shrew Soft (free).
bakrir: Have a look through my other Vyatta articles; a lot of them have full configs.
Micheal: Hmm, an OpenVPN OSPF tutorial, haven't done one of those yet, maybe that's an idea for the future :)

Merc said...

Great thanks for your tutorials.
One question. Can I configure on Vyatta something like the Cisco ASA/PIX user's remote access policy? For example: user1 has access to LAN only, user2 to DMZ.

Unknown said...

Great walk through! One question though, what would need to change in the configuration if both ends of the tunnel are DHCP?

Unknown said...

Hello Roggy,
great post, it helped me a lot! However, I was only able to set up a working PPTP; L2TP/IPSEC didn't work for me. I found on the web it could be because of some bug in Vyatta which makes trouble when both sides of the VPN are NAT-ed. This is the error in the log file I receive: "Mar 30 09:00:12 vyatta pluto[31882]: "remote-access-mac-zzz"[2] 178.223.x.x:20119 #1: cannot respond to IPsec SA request because no connection is known for 89.216.x.x/32===192.168.1.249:4500:17/1701...178.223.x.x:20119[192.168.2.9]:17/%any===192.168.2.9/32". Can you help me with this one?
Kind regards,
Ivan
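
As an added example (not part of the comment above or of Roggy's tutorial), this triage helper parses the pluto "no connection is known" message and reports whether each end's host address differs from the traffic selector proposed for it, which is how the both-sides-NAT-ed case shows up in that line. The field layout is an assumption read from the quoted message; the sample lines are constructed with documentation addresses in place of the masked x.x octets.

```python
import re
from ipaddress import ip_address

# Layout assumed from the quoted message:
#   our_net/len===our_host:port:proto/port...peer_host:port[peer_id]:proto/port===peer_net/len
PLUTO_RE = re.compile(
    r'"(?P<conn>[^"]+)"\[\d+\] \S+ #\d+: cannot respond to IPsec SA request '
    r'because no connection is known for '
    r'(?P<our_net>[\d.]+)/\d+===(?P<our_host>[\d.]+)(?::\d+)?'
    r':(?P<proto>\d+)/(?P<our_port>\S+?)\.\.\.'
    r'(?P<peer_host>[\d.]+)(?::\d+)?(?:\[(?P<peer_id>[^\]]+)\])?:\d+/\S+?'
    r'===(?P<peer_net>[\d.]+)/\d+'
)

PREFIX = ('Mar 30 09:00:12 vyatta pluto[31882]: "remote-access-mac-zzz"[2] '
          '203.0.113.9:20119 #1: cannot respond to IPsec SA request because '
          'no connection is known for ')
# Constructed: gateway privately addressed (192.168.1.249) behind 198.51.100.7,
# client privately addressed (192.168.2.9) behind 203.0.113.9.
SAMPLE_DOUBLE_NAT = PREFIX + ('198.51.100.7/32===192.168.1.249:4500:17/1701'
                              '...203.0.113.9:20119[192.168.2.9]:17/%any===192.168.2.9/32')
# Constructed: gateway holds the public address itself, only the client is NAT-ed.
SAMPLE_CLIENT_NAT = PREFIX + ('198.51.100.7/32===198.51.100.7:4500:17/1701'
                              '...203.0.113.9:20119[192.168.2.9]:17/%any===192.168.2.9/32')


def diagnose(line):
    """Return a dict describing the rejected request, or None if the line does not match."""
    m = PLUTO_RE.search(line)
    if m is None:
        return None
    f = m.groupdict()
    try:
        # An end looks NAT-ed when the selector proposed for it is not its host address.
        server_nat = ip_address(f["our_net"]) != ip_address(f["our_host"])
        client_nat = ip_address(f["peer_net"]) != ip_address(f["peer_host"])
    except ValueError:  # masked or malformed address
        return None
    return {
        "conn": f["conn"],
        "l2tp": f["proto"] == "17" and f["our_port"] == "1701",  # UDP/1701
        "server_behind_nat": server_nat,
        "client_behind_nat": client_nat,
        "double_nat": server_nat and client_nat,
    }


if __name__ == "__main__":
    for sample in (SAMPLE_DOUBLE_NAT, SAMPLE_CLIENT_NAT):
        print(diagnose(sample))
```
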

WestH said...

Hi, great project by the way.
I would like to ask you what encryption algorithm is used by IPSec/L2TP and what by PPTP. In addition, so far I understood it is an IPSec transport mode, and I would like to ask you what IPSec uses for encryption: Confidentiality (ESP) and Authentication (AH), or just ESP?

Marzipan D said...

The part where I get tripped up is that your tutorial is 100% virtualized. In my situation I have a combo of physical servers and VMs. In my home data center that I'm working on, I have a Motorola modem set to pass through my static IPs, a 1U Vyatta server rack with 2 NICs, a switch, and a big XenServer box with 1 NIC. I can't figure out if I need to add more NICs on my XenServer or Vyatta server to accommodate your tutorial's use of eth0, eth1, eth2 on the main Vyatta box.

Unknown said...

Excellent lab of remote access VPN with L2TP and PPTP. What a great experience for me!

Pete Demers said...

Excellent tutorials, I am just learning Vyatta and networking. Everything works great up till the end with the firewall rules:

set interfaces ethernet eth0 firewall in name ALLOW_ESTABLISHED
set interfaces ethernet eth0 firewall local name OUTSIDE

I am using zones and cannot use a per-interface firewall rule. I am currently struggling with converting these rules to zone-based; any chance you could help a fella out?
