Old revision history "Using a Linux L2TP/IPsec VPN server"
Dec 21, 2004: RH7.3 l2tpd RPM available again because updates
are available (Fedora Legacy, Axel Thimm) and it is the last
RH version to support low-end (i.e. 386/486) systems.
Dec 5, 2004: XP SP2 requires a registry
the VPN server is behind NAT.
Dec 1, 2004: Uploaded rp-l2tp-0.4-1jdl
RPMS for those distributions without BSD legacy ptys.
Nov 28, 2004: Pppd and NAT-T info updated. NAT-T with
MSL2TP/Sentinel to NETKEY fails?
Nov 27, 2004: Updated to reflect Openswan configuration
instead of FreeS/WAN.
Nov 10, 2004: SECURITY FIX: released l2tpd-0.69-10jdl,
fixes a buffer overflow.
Oct 30, 2004: L2TP/IPsec support in development for IPCop.
Oct 26, 2004: Added link to a new L2TP kernel-based
implementation called OpenL2TP.
Oct 18, 2004: Added chroot remark. Added link to Sverre's
page about using certs and PSKs at the same time.
Oct 12, 2004: Dropping support for SuSE 8.0.
Sep 9, 2004: The split tunnelling trick was not watertight.
Jun 28, 2004: SECURITY FIX: Upgrade
your FreeS/WAN, Openswan or strongSwan.
Jun 22, 2004: Suggest a final check of the VPN server: do a
portscan and sniff the network.
Jun 21, 2004: Uploaded l2tpd RPM for SuSE 9.1. Added links
Astaro.org and LR101.
Jun 18, 2004: Dropped support for Mandrake 9.0.
Jun 11, 2004: Tested Openswan with NETKEY on Mandrake 10:
seems to work, but not with NAT-T.
May 18, 2004: EU
Commission ignores EU Parliament and wants to approve software patent
:-(. This may impact
Open Source L2TP users in
May 6, 2004: Added references to Windows IPsec/PPP logging.
Mar 2, 2004: FreeS/WAN 2.06 lacks Transport Mode so you
use it for L2TP/IPsec.
Mar 1, 2004: FreeS/WAN discontinued! Migrate to Openswan, strongSwan or NETKEY.
Jan 26, 2004: Updated link to Peter Gutmann's comparative study
on Linux VPNs. A must
Jan 25, 2004: Added remarks on Mandrake 9.2 SuperFreeS/WAN RPMs.
Jan 20, 2004: Updated Mandrake kernel information. Dropping
Mandrake 8.x support because Mandrake itself has dropped
support (no more security updates).
Dec 25, 2003: Success with my Pocket PC certificate import
utility (but only if the root cert is small?!)
Nov 15, 2003: First successful test with Panther.
Nov 6, 2003: Moved Pocket PC and Panther information to separate
Nov 2, 2003: Linux kernel 2.6 + KAME + l2tpd is reported to work
with XP and Panther by Chris Andrews. NAT not tested yet.
Oct 21, 2003: Problem with the NAT-T patch: Preshared Keys
don't work with NAT.
Oct 21, 2003: Did some testing with Pocket PC 2003's built-in
Oct 12, 2003: NAT-T bug in Sentinel 1.4.1 seems to have been
fixed in build 98. But another bug pops up.
Oct 2, 2003: Compiled new SuperFreeS/WAN RPMS with updated NAT-T
Transport Mode patch by Mikael Lönnroth.
Oct 2, 2003: Added link to VPNDialer GUI for IPSEC.EXE.
Sep 21, 2003: Windows 2000/XP NAT-T works, but only with a dirty
(and unsafe) hack.
Sep 21, 2003: FreeS/WAN 2.00, 2.01, 2.02 have an SHA-1 bug with
Sep 19, 2003: Added a report that the pppd DHCP plugin works.
Sep 2, 2003: More on split tunnelling.
Aug 22, 2003: Added some ideas about using Linux as an
Aug 12, 2003: NAT-T update for XP re-released. Multiple clients
behind same NAT do not work.
Aug 8, 2003: Uploaded l2tpd-0.69-8jdl RPMs with "Specify your
hostname" workaround and MTU 1410.
Aug 8, 2003: Uploaded Mandrake 9.1 PPC binary RPMs for l2tpd
Aug 2, 2003: Uploaded new SuperFreeS/WAN RPMS with Advanced
Routing patch enabled.
Jul 31, 2003: Uploaded new freeswan.rpms for Mandrake, with
'malformed payload' patch.
Jul 27, 2003: Uploaded RPM for RH9.
Jul 21, 2003: Uploaded l2tpd-0.69-7jdl RPMs. Updated to
SuperFreeS/WAN 1.99.8, which simplifies the setup.
Jun 23, 2003: NAT-T fix by Mathieu Lafon works for some clients,
but not for others.
Jun 23, 2003: Firewall problem more or less fixed by
introduction of "listen-addr" parameter.
Mar 31, 2003: Updated IPsec clients released by Microsoft for
May 21, 2003: Corrected error: client IP addresses allowed by
l2tpd are specified with 'lac', not 'ip range'.
May 9, 2003: Added reference to Martin Köppe's Howto.
SafeNet Softremote NAT-T works. IPX too.
Apr 11, 2003: Uploaded new RPMS and tarball.
Apr 7, 2003: NAT-T doesn't work for all clients. Updated PPP and
smartcard info. Better to restrict passwords to certain IP addresses!
Mar 17, 2003: Added debug and chap-secrets info.
Mar 16, 2003: Added Mandrake RPMs with Delete/Notification
Mar 14, 2003: Added distribution info.
Mar 10, 2003: Added reference to SnapGear. Mandrake 9.0 also
works. Just don't use apostrophes in certificates :-)
Mar 8, 2003: SSH Sentinel and Win2000 Server work. Uploaded new
RPMS which do not require N_HDLC.
Mar 3, 2003: WinXP Home should work.
Feb 27, 2003: Uploaded new RPMS.
Feb 26, 2003: Support for Windows 2000 Prof confirmed, through
Jan 17, 2003: Road Warrior support for rp-l2tp is discussed.
Dec 27, 2002: Updated left/rightprotoport remark.
Dec 26, 2002: NetBEUI probably not supported. Added MTU remarks.
Dec 21, 2002: rp-l2tp reported to work.
Dec 15, 2002: Major update.
Nov 6, 2002: Spread contents over 3 webpages.
Sep 23, 2002: Redesigned.
Sep 15, 2002: Let's call it the MSL2TP client.
July 22, 2002: PSK works, as expected.
July 22, 2002: Added reference to proxy arp.
July 20, 2002: Added report of preliminary l2tpd success.
July 15, 2002: Changed <h4> headings since Opera does not
display them. Added PSK remarks.