Overview

This article provides the steps to set up an IPSec VPN client using the open-source solution, strongSwan.

Note: The authentication method used is pre-shared key-based (PSK).

Environment

Linux Debian 8/9 or Ubuntu 18.04 OS.

Process

1. Open Terminal by pressing CTRL+Shift+T (standard shortcut combination for Ubuntu).
   
   
2. Create a new file called l2tpclient.sh using the following command: 
   touch l2tpclient.sh
   
   
   
   
3. Download the attached text file and copy the script within up to the l2tpclient.sh file you've created.
   
   
4. Enter the values for the following variables:
   VPN_SERVER_IP - the IP address of the VPN server
   VPN_IPSEC_PSK - Preshared Key
   VPN_USER - username
   VPN_PASSWORD - password
   
   
   
   
5. Make the file executable:
   chmod +x l2tpclient.sh
   
   
   
   
6. Run the script with Superuser privileges:
   sudo ./l2tpclient.sh
   
   
   
   
7. Once all modules are installed and configuration changes are made, you can start and stop VPN when necessary using the following commands:
   sudo start-vpn
sudo stop-vpn
   
   
   
   
8. (Optional) If you are using Custom routing, uncomment (remove # sign) the following line:
   #ip route add 10.0.0.0/24 dev ppp0
   
   
9. (Optional) Modify ike and esp variables if you are using custom ciphers.
   To double-check it, log in to Kerio Control via SSH and open /etc/ipsec.conf file:
   nano /etc/ipsec.conf
   
   
   
   

Confirmation

IPSec VPN connection should be established. Navigate to Kerio Control Webadmin > Status > VPN Clients; the correct information about the client host (Ubuntu/Debian) should be displayed.

Back to top