Fixing a broken L2TP VPN setup with Edgemax Edgerouter Lite

Taken from: http://www.dataguys.net/ubiquiti-edgemax-l2tp-setup/

It fixed my issues today (20-12-2016).

Show Running VPN Configurations

configure
#show l2tp config
show vpn l2tp
#show pptp config
show vpn pptp

Delete existing VPN Configurations

configure
delete vpn pptp ## this one may not exist; if so, the shell will tell you
delete vpn l2tp
delete vpn ipsec
commit
save

Now the existing VPN settings are removed

# change eth1 to whatever is the external interface port of the Edgemax
set vpn ipsec ipsec-interfaces interface eth1
set vpn ipsec nat-networks allowed-network 0.0.0.0/0
set vpn ipsec nat-traversal enable
set vpn l2tp remote-access authentication mode local

#Add local users for L2TP
set vpn l2tp remote-access authentication local-users username [myusername] password [mypassword]  ### do not use the [] in the command

# Set a range of IP addresses that are not being used by your LAN DHCP
set vpn l2tp remote-access client-ip-pool start 10.10.10.100
set vpn l2tp remote-access client-ip-pool stop 10.10.10.110

# Set the DNS servers to give out over DHCP for VPN Name Resolution
set vpn l2tp remote-access dns-servers server-1 10.1.1.50
set vpn l2tp remote-access dns-servers server-2 8.8.8.8

# Set the authentication mode for L2TP
set vpn l2tp remote-access ipsec-settings authentication mode pre-shared-secret
set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret [secretkey]
set vpn l2tp remote-access ipsec-settings ike-lifetime 3600

# Set the l2tp listening address to the WAN IP and WAN Gateway
set vpn l2tp remote-access outside-address [Your-WAN-IP]
set vpn l2tp remote-access outside-nexthop [Your-WAN-GATEWAY-IP]

# Optional to set the MTU but I do this just in case they end up on DSL or T1
set vpn l2tp remote-access mtu 1492

commit
save
exit

Notice: firewall rules must also be enabled as a ruleset on the Edgemax Lite; this is not yet documented in this document.

Please note that the above text is derived from the URL above and used in my home setup. If it crashes I will be able to fix it.
