Meraki

Community

Guide: Client VPN on Linux (Debian)

ecce
Here to help
‎Jan 8 2020 3:58 AM
‎Jan 8 2020 3:58 AM

Guide: Client VPN on Linux (Debian)

I switched from Mac to Linux recently and a thing I got stuck on for a while is the easy way to establish L2TP VPN connections from a mac to a Meraki firewall. On a mac it is very easy to set up, but on Linux I ran into some trouble getting it working. Now that is does work I'd thought I'd share a solution. Please note that this is a bit static and may break if future meraki updates changes cipher suite for example.

 

Ofcourse everything Linux-related is distro-depending so this is tested on Debian 10, kernel 4.19, i3wm, since that is what I use. The firewall is a Meraki MX64.

 

1. Make sure network-manager is handling network connections. Read this. 

2. You need the following packets (depending on WM): 

 

 

network-manager-l2tp-gnome network-manager-strongswan network-manager-l2tp strongswan-nm

 

 

3. Restart network-manager

 

 

systemd restart network-manager

 

 

4. There is a daemon running called xl2tpd that messes up things. There's info about this on this forum. So:

 

 

sudo systemd stop xl2tpd
sudo systemd disable xl2tpd

 

 

 

5. Create a VPN connection in nm-connection-editor and modify IPSec and PPP properties accordingly:

 

2020-01-08_12-28.png

 

2020-01-08_12-26_1.png

2020-01-08_12-26_2.png

 

Cheers!

2 Replies 2
BrechtSchamp
Kind of a big deal
‎Jan 8 2020 6:29 AM
‎Jan 8 2020 6:29 AM

Nice! Thanks for taking the time to share your findings!

0 Kudos
Lonnie
New here
yesterday
yesterday

These steps once worked great, but not anymore.

I've setup Linux as a VPN client for Meraki MX numerous times, in the same manor you've described here, but these steps no longer work, and I can't figure out why.

Try using those steps on a fresh install of Debian-12.10.0 (with Gnome desktop), or Ubuntu 24.04.2, or Ubuntu Unity 24.04.2. I'd love to here how you succeed if you get it working. I've spent more time than I'm willing to admit trying to get it working, and failed over and over and over again.

For example, I install Ubuntu Unity 24.04.2 on a new laptop (ASUS Zenbook 14 OLED), and couldn't get Meraki VPN to work. But what's weird, is that I have a Virtual Machine of Ubuntu Unity 24.04.2 (that was previously upgraded from 22.04), and these same steps work on the first try.

Also, I have a Debian 12 laptop, that was upgraded from Debian 11, and your steps do work on it. However, those steps do not work on a fresh install of Debian 12 on this same ASUS Zenbook 14 OLED laptop.

The only thing that might work, that I didn't try, is to first install an earlier version of Debian or Ubuntu, then setup the VPN using these steps shown above, then upgrade to the latest version of Debian or Ubuntu after that.

Has anyone else had problems like I'm having lately, with getting Linux going as a Meraki VPN Client on freshly installed Debian 12 or Ubuntu 24.04.2?

0 Kudos
Back to the top
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.