I Want To Connect To A L2tp Server From CentOS.

Home » CentOS » I Want To Connect To A L2tp Server From CentOS.
CentOS 8 Comments

I have a server currently connecting to a pptp remote server. This server(lns\lac) has the option for pptp connections and l2tp connections. The l2tp connections are not using ipsec encryption at all. I have seen couple guides\tutorials on the internet:

https://raymii.org/s/tutorials/IPSEC_L2TP_vpn_on_CentOS_-_Red_Hat_Enterprise_Linux_or_Scientific_-_Linux_6.html
– https://wiki.archlinux.org/index.php/L2TP/IPsec_VPN_client_setup

But all the guides that I have found are using ipsec with “secret”. On ubuntu there is a gui applet that helps setting these kind of connections up but I am working with a CentOS server and not Ubuntu desktop.

If someone used l2tp the same way I want to use on CentOS 7 please give me some advice.

If you have a guide which might help me I will be more then happy to see this one.

Thanks, Eliezer

8 thoughts on - I Want To Connect To A L2tp Server From CentOS.

  • PPTP doesn’t use ipsec either, it uses its own MPPE encryption based on RC4, which is considered insecure as of years ago.

    L2TP is normally used within another encrypted transport.

  • l2tp, by itself, offers no encryption. Notably, that means that your password is going to cross the network in clear text. Bare l2tp is the VPN equivalent of telnet. I really strongly recommend that you reconsider.

    ipsec, by itself, is a much better and easier way to achieve your goal.
    It will require less setup, and offer better security. There’s no down side; ipsec is clearly a better choice for connecting two systems over an unsecured network.

    l2tp is typically used in conjunction with ipsec, for mobile clients.
    The reason is that l2tp integrates with external authentication (RADIUS, LDAP, Active Directory, etc) better than ipsec alone does. That’s great when you have a group of users that you want to have individual authentication keys, but it’s not a good fit for connecting one server to another.

  • Hey John,

    I do not require encryption at all, it’s a secure and internal channel but it requires me to connect via either pptp or l2tp. This is the reason I am asking. I had the chance of finding the SoftEther Project which gives a lot in terms of VPN Client and Server. At:
    http://www.softether-download.com/en.aspx

    But yet to try it. Also they have all sorts of beta versions but not something they call stable in their downloads.

    I think I will try to use their product if I will not find an example on how to use l2tp without ipsec encryption.

    Thanks, Eliezer

  • OK So i took the time and finally built a RPM for the softether vpn server and client. I have not tested them for usage but I found out that only the server side can work with multiple protocols while the client side works only with one protocol. The actual protocol is called “ethernet overl HTTPS”. More info on the product:
    http://www.softether.org/

    The gui is only for windows as far as I could understand.

    So no l2tp client there but aleast a nice VPN service.

    SRPM can be found here:
    http://ngtech.co.il/rpm/CentOS/7/SRPMS/softethervpn-4.18.9570-2.el7.CentOS.src.rpm

    The repo is here(also latest squid-cache repo):
    http://ngtech.co.il/rpm/CentOS/7/x86_64/

    Eliezer

  • Hey Gordon,

    I do not have any security issue in this network. I need to connect to a remote network on a secure network. The options are pptp or l2tp(no ipsec encryption) so I do want to use l2tp like in (lac\lns) and I am looking for a client for CentOS. Note that it works in ubuntu so it is possible to achieve the same with CentOS but I do not know what is behind the gui that initiates the connection for l2tp. With pptp I have no issue and I have a connection which works a lot of time.

    Thanks, Eliezer