Create L2TP service without encryption - shenhaoyu/AnyGW GitHub Wiki
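Create L2TP service without encryption
This setup runs plain L2TP (xl2tpd) with no IPsec layer: the PPP login is authenticated with CHAP, but the tunnelled traffic itself is not encrypted.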
root@:# apt-get install xl2tpd ufw
/etc/ufw/before.rules
# NAT table rule
*nat
:POSTROUTING ACCEPT [0:0]
# Masquerade (source-NAT) traffic from the VPN subnet 192.168.9.0/24 leaving via eth0
-A POSTROUTING -s 192.168.9.0/24 -o eth0 -j MASQUERADE
# Process the NAT table rules
COMMIT
# Mangle table: clamp TCP MSS on forwarded SYN packets for VPN performance
*mangle
-A FORWARD -o eth0 -p tcp -m tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1361:1536 -j TCPMSS --set-mss 1360
COMMIT
/etc/default/ufw
# Default policy for forwarded (routed) packets. ACCEPT lets VPN client
# traffic be routed through this host, but it applies to all forwarded
# traffic, not only to the 192.168.9.0/24 VPN subnet.
DEFAULT_FORWARD_POLICY="ACCEPT"
/etc/ufw/sysctl.conf
net/ipv4/ip_forward=1
root@:# sysctl -p
root@:# ufw allow ssh
root@:# ufw allow l2tp
root@:# ufw enable
root@:/etc/xl2tpd# cp xl2tpd.conf xl2tpd.conf.original
root@:/etc/xl2tpd# cp /usr/share/doc/xl2tpd/examples/xl2tpd.conf ./
xl2tpd.conf
[lns default]
ip range = 192.168.9.2-192.168.9.100
local ip = 192.168.9.1
require chap = yes
refuse pap = yes
require authentication = yes
name = AnyGW
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
root@:/etc/ppp# cp /usr/share/doc/xl2tpd/examples/ppp-options.xl2tpd ./
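ppp-options.xl2tpd (xl2tpd.conf above sets pppoptfile = /etc/ppp/options.xl2tpd, so make sure these options end up in the file that path points to)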
ipcp-accept-local
ipcp-accept-remote
ms-dns 8.8.8.8
ms-wins 8.8.8.8
noccp
auth
crtscts
idle 86400
mtu 1410
mru 1410
nodefaultroute
debug
lock
proxyarp
connect-delay 5000
chap-secrets
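# client server secret IP addresses
# Secrets are stored here in plaintext; keep this file readable by root only.
# "*" as server matches any server name; "*" as IP addresses permits any address for this client.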
<username> * <password> *
Install the xl2tpd package and set up the auto-reconnecting network interface (OpenWrt client)
root@OpenWrt:~# opkg install xl2tpd
/etc/config/network
config interface '<interface_name>'
option proto 'l2tp'
option username '<username>'
option ipv6 'auto'
option password '<password>'
option server '<service_address>'
option checkup_interval '10'
option defaultroute '0'