I created an L2TP server via this script:
https://kayama.dp.ua/blog/ubuntu-16-04-how-to-setup-l2tp-over-ipsec-vpn-serv.html
the client connects to the vpn but fails to navigate
Configuration
apt-get install strongswan xl2tpd
(optional, need to check ) apt-get install ppp libgmp3-dev bison flex
Edit /etc/ipsec.conf
conn L2TP-IPSEC
authby=secret
rekey=no
keyingtries=3
type=transport
esp=aes128-sha1
ike=aes128-sha-modp1024
ikelifetime=8h
keylife=1h
left=XXX.XXX.XXX.XXX # your router's external IP
leftprotoport=17/1701
right=%any
rightprotoport=17/%any
rightsubnet=0.0.0.0/0
auto=add
dpddelay=30
dpdtimeout=120
dpdaction=clear
#force all to be nat'ed. because of iOS
forceencaps=yes
Edit /etc/ipsec.secrets
This file holds shared secrets or RSA private keys for authentication.
RSA private key for this host, authenticating it to any other host
which knows the public part.
: PSK "TypeYourPassPhraseHere"
Edit /etc/ppp/options.xl2tpd
require-mschap-v2
refuse-mschap
ms-dns 8.8.8.8
ms-dns 8.8.4.4
asyncmap 0
auth
crtscts
idle 1800
mtu 1410
mru 1410
connect-delay 5000
lock
hide-password
local
debug
modem
name l2tpd
proxyarp
lcp-echo-interval 30
lcp-echo-failure 4
Edit /etc/xl2tpd/xl2tpd.conf
[global]
ipsec saref = no
debug tunnel = no
debug avp = no
debug network = no
debug state = no
access control = no
rand source = dev
port = 1701
auth file = /etc/ppp/chap-secrets
[lns default]
ip range = 192.168.1.10-192.168.122.20
local ip = 192.168.1.1
require authentication = yes
name = l2tp
pass peer = yes
ppp debug = no
length bit = yes
refuse pap = yes
refuse chap = yes
pppoptfile = /etc/ppp/options.xl2tpd
And finally add password to the /etc/ppp/chap-secrets file
test l2tpd TestTest "*"
