cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

VPN client for Ubuntu 16.04

Highlighted
New here

VPN client for Ubuntu 16.04

Hi Guys 

 

 

Does anyone have an installation guide for Ubuntu 16.04 that I can send my users to self-installations? 

 

On the official guide is Ubuntu 12

 

 

Thnk you !!!

26 REPLIES 26
Highlighted
Kind of a big deal

Re: VPN client for Ubuntu 16.04

I have not tested it, but this guide looks promising.

 

http://www.jasonernst.com/2016/06/21/l2tp-ipsec-vpn-on-ubuntu-16-04/

Highlighted
Kind of a big deal

Re: VPN client for Ubuntu 16.04

Highlighted
Conversationalist

Re: VPN client for Ubuntu 16.04

I did this and it works for me:

 

  1. Install network-manager-l2tp:  sudo add-apt-repository ppa:nm-l2tp/network-manager-l2tp and sudo apt-get update sudo apt-get install network-manager-l2tp
  2. If using gnome, install the gnome plugin (if using another desktop environment, see if there's a plugin for its network manager): sudo apt-get install network-manager-l2tp-gnome
  3. Reboot
  4. Navigate to Settings > Network > Click the +button > Select "Layer 2 Tunneling Protocol (L2TP)"
  5. Name the new VPN connection something
  6. Put the host name or address in the Gateway field.
  7. Put username in the Username field.
  8. Click the icon in the Password field and select your preference for how to supply the password.
  9. Click IPSec Settings...
  10. Click the box for "Enable IPsec tunnel to L2TP host"
  11. Enter the shared secret into the Pre-shared key field.
  12. Leave the Gateway ID field empty.
  13. Expand the Advanced options area
  14. Enter "3des-sha1-modp1024" into the Phase 1 Algorithms box.
  15. Enter "3des-sha1" into the Phase 2 Algorithms box.
  16. Leave the box checked for "Enforce UDP encapsulation".
  17. Click OK.
  18. Click Save.
  19. Open a terminal and enter the following commands to permanently disable the xl2tpdservice:  sudo service xl2tpd stop
  20. Also enter the following:  sudo systemctl disable xl2tpd
  21. Open Network Settings and try to turn the VPN on.
Highlighted
Kind of a big deal

Re: VPN client for Ubuntu 16.04

No one should be using 3des for anything new.  Does aes128 work instead?

Highlighted
Conversationalist

Re: VPN client for Ubuntu 16.04

it worked for Ubuntu 18.04!
Highlighted
Comes here often

Re: VPN client for Ubuntu 16.04

Hi, can u give me details? Tks. I cant do it on 18.04

Highlighted
Conversationalist

Re: VPN client for Ubuntu 16.04

Hello @JUANFER, I just followed the instructions of @PigMan, nothing more.
Highlighted
Comes here often

Re: VPN client for Ubuntu 16.04

haven´t rebooted, i´ll try again.
Highlighted
Comes here often

Re: VPN client for Ubuntu 16.04

Excuse me but im new with ubuntu... are this two lines or just 1?

sudo add-apt-repository ppa:nm-l2tp/network-manager-l2tp

or it is;
sudo add-apt-repository ppa:nm-l2tp
sudo add-apt-repository network-manager-l2tp
Highlighted
Conversationalist

Re: VPN client for Ubuntu 16.04

it's one line.
Highlighted
Here to help

Re: VPN client for Ubuntu 16.04

I believe you can call in and request AES - I'm gonna have to do this so I can get a VPN node in my datacenter rack....

Highlighted
Kind of a big deal

Re: VPN client for Ubuntu 16.04

AES is available by default.  You don't need to do anything.

Highlighted
Here to help

Re: VPN client for Ubuntu 16.04

Good deal - I haven't tested with linux / mac yet but it's full on awesome with AD - all the information for using an l2tpd client show 3des - I had to call in to get some features enabled for I believe some wireless or maybe a firewall setting so it would not surprise me if the same had to happen for AES. 

Highlighted
Meraki Employee

Re: VPN client for Ubuntu 16.04

Amazing work! - Still works today
Highlighted
New here

Re: VPN client for Ubuntu 16.04

@ PigMan - I just used your suggestion for Ubuntu 19.10 and it worked. Thanks!

Highlighted
Comes here often

Re: VPN client for Ubuntu 16.04

On Linux Mint 19.3 tricia, never worked like that. And when i was triyng on Ubuntu, difeerent versions either. What a bad luck

Highlighted
Here to help

Re: VPN client for Ubuntu 16.04

I'm also on Mint 19.3 and have had issues getting the VPN to work.  Will be setting aside some time today (hopefully) to work on finding a solution.

Highlighted
Comes here often

Re: VPN client for Ubuntu 16.04

Go ahead. Iĺl be listening. Iḿ also on LM 19.3, and still doesnt work.

Highlighted
New here

Re: VPN client for Ubuntu 16.04

This works great for Ubuntu 18.04 LTS as well.

 

#15 from @PigMan can be changed to "aes128-sha1" instead of using 3DES.  Phase1 has to stay 3DES.

 

Quick instructions from me :

 

1. Update and clean up the machine first

sudo apt-get update
sudo apt-get dist-upgrade
sudo reboot
# Wait for reboot, log back in
sudo apt autoremove

 2. Install VPN Software

sudo apt-get install strongswan xl2tpd net-tools
sudo apt-get install network-manager-l2tp network-manager-l2tp-gnome
sudo apt-get install network-manager-strongswan
sudo reboot

3. After reboot, Turn off the L2TP Server, we only want the client

sudo service xl2tpd stop
sudo systemctl disable xl2tpd

 

4. Setup the VPN per @PigMan's instructions:

  • Settings -> Network -> VPN - > "+"
  • Details:
    • Make available to other users, check (if desired)
  • Identity:
    • Name: Make a description
    • Gateway: the IP address (or dyn dns name from the meraki page)
    • User Name:  full@name.com
    • Password: Leave blank, will prompt
    • NT Domain: <blank>
  • IPSec Settings:
    • Enable IpSec tunnel to L2TP host: check
    • Pre-Shared Key:  Get from the meraki setup page
    • Phase1 Algorithms: 3des-sha1-modp1024
    • Phase2 Algorithms: aes128-sha1
    • Enforce UDP encap: <un checked>
  • PPP Settings:  Default
Highlighted
Here to help

Re: VPN client for Ubuntu 16.04

I am finally circling back to this.

 

I can confirm that changing the phase 2 algorithm to "aes128-sha1" fixes the VPN connection on Linux Mint 19.3

(at least it did for me)

 

Thank you so much for finding this solution.

Highlighted
New here

Re: VPN client for Ubuntu 16.04

Worked for me for Ubuntu v20.04 LTS, thanks

Highlighted
New here

Re: VPN client for Ubuntu 16.04

In order to address the IKE Aggressive Mode vulnerability, you can contact Meraki support and have them change the minimum DH group to 14 (from 2) and enable AES128 instead of 3DES. With those changes made, I found that this configuration works for connecting Ubuntu to the client VPN:

 

  1. Install network-manager-l2tp: 
    sudo add-apt-repository ppa:nm-l2tp/network-manager-l2tp
    sudo apt update
    sudo aptinstall network-manager-l2tp
  2. If using gnome, install the gnome plugin (if using another desktop environment, see if there's a plugin for its network manager):
    sudo apt install network-manager-l2tp-gnome
  3. Stop the xl2tpd service:
    sudo service xl2tpd stop
    Then disable the xl2tpd service:
    sudo systemctl disable xl2tpd
  4. Open Network Settings and click the + button
    Select Layer 2 Tunneling Protocol (L2TP)
    Fill in the Name, Gateway (IP address), and Username fields
    Click the icon in the Password field and select Store the password only for this user, then fill in your password
  5. Click on the IPsec Settings... button
    Check Enable IPsec tunnel to L2TP host
    Fill in the Pre-shared key
    Set Phase1 Algorithms to aes128-sha1-modp2048
    Set Phase2 Algorithms to aes128-sha1
    Leave all other options unchecked
  6. Click on the PPP Settings... button
    Uncheck all options except for PAP
  7. Turn on the VPN and verify that it stays connected

 

TLDR: use aes128 instead of 3des and modp2048 (DH group 14) instead of modp1024 (DH group 2) for the Phase 1 and 2 algorithms, uncheck all options except for PAP

Highlighted
Just browsing

Re: VPN client for Ubuntu 16.04

Hi Folks.

Tried always to configure the L2TP client under Debian Buster. Trying to connect to an MX64. Connection works fine on latest ios All I get is a pop-down at the top of the screen:

 

Connection Failed

Activation of the connection failed

 

Any thoughts anybody please?

 

TIA

MikeB2

 

Highlighted
Comes here often

Re: VPN client for Ubuntu 16.04

Hi folk i allways tried this since 2 years from here to connect MX84, and allways get that message but necer have tried to make connection. Do you have your stepd to do that to tru follow? Tks.

Highlighted
Comes here often

Re: VPN client for Ubuntu 16.04

Hi folk i allways tried this since 2 years from here to connect MX84, and allways get that message but necer have tried to make connection. Do you have your stepd to do that to tru follow? Tks.

Highlighted
Just browsing

Re: VPN client for Ubuntu 16.04

Hey Juanfer

 

I used the steps posted in this thread. But unable to connect. I am hoping the is a Debian Buster user out there who has this fixed.

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.