Old revision history "Using a Linux L2TP/IPsec VPN server"

Dec 21, 2004: RH7.3 l2tpd RPM available again because updates are available (Fedora Legacy, Axel Thimm) and it is the last RH version to support low-end (i.e. 386/486) systems.
Dec 5, 2004: XP SP2 requires a registry modification when the VPN server is behind NAT.
Dec 1, 2004: Uploaded rp-l2tp-0.4-1jdl RPMS for those distributions without BSD legacy ptys.
Nov 28, 2004:
Pppd and NAT-T info updated. NAT-T with MSL2TP/Sentinel to NETKEY fails?
Nov 27, 2004: Updated to reflect Openswan configuration instead of FreeS/WAN.
Nov 10, 2004: SECURITY FIX: released l2tpd-0.69-10jdl, fixes a buffer overflow.
Oct 30, 2004: L2TP/IPsec support in development for IPCop.
Oct 26, 2004:
Added link to a new L2TP kernel-based implementation called OpenL2TP.
Oct 18, 2004:
Added chroot remark. Added link to Sverre's page about using certs and PSKs at the same time.
Oct 12, 2004: Dropping support for SuSE 8.0.
Sep 9, 2004:
The split tunnelling trick was not watertight.
Jun 28, 2004: SECURITY FIX: Upgrade your FreeS/WAN, Openswan or strongSwan.
Jun 22, 2004: Suggest a final check of the VPN server: do a portscan and sniff the network.
Jun 21, 2004: Uploaded l2tpd RPM for SuSE 9.1. Added links to Astaro.org and LR101.
Jun 18, 2004: Dropped support for Mandrake 9.0.
Jun 11, 2004: Tested Openswan with NETKEY on Mandrake 10: seems to work, but not with NAT-T.
May 18, 2004:
EU Commission ignores EU Parliament and wants to approve software patent laws :-(. This may impact Open Source L2TP users in the EU.
May 6, 2004: Added references to Windows IPsec/PPP logging.
Mar 2, 2004:
FreeS/WAN 2.06 lacks Transport Mode so you can't use it for L2TP/IPsec.
Mar 1, 2004: FreeS/WAN discontinued! Migrate to Openswan, strongSwan or NETKEY.
Jan 26, 2004: Updated link to Peter Gutmann's comparative study on Linux VPNs. A must read!
Jan 25, 2004: Added remarks on Mandrake 9.2 SuperFreeS/WAN RPMs.
Jan 20, 2004: Updated Mandrake kernel information. Dropping Mandrake 8.x support because Mandrake itself has dropped support (no more security updates).
Dec 25, 2003: Success with my Pocket PC certificate import utility (but only if the root cert is small?!)
Nov 15, 2003: First successful test with Panther.
Nov 6, 2003: Moved Pocket PC and Panther information to separate pages.
Nov 2, 2003: Linux kernel 2.6 + KAME + l2tpd is reported to work with XP and Panther by Chris Andrews. NAT not tested yet.
Oct 21, 2003: Problem with the NAT-T patch: Preshared Keys don't work with NAT.
Oct 21, 2003: Did some testing with Pocket PC 2003's built-in VPN client.
Oct 12, 2003: NAT-T bug in Sentinel 1.4.1 seems to have been fixed in build 98. But another bug pops up.
Oct 2, 2003: Compiled new SuperFreeS/WAN RPMS with updated NAT-T Transport Mode patch by Mikael Lönnroth.
Oct 2, 2003: Added link to VPNDialer GUI for IPSEC.EXE.
Sep 21, 2003: Windows 2000/XP NAT-T works, but only with a dirty (and unsafe) hack.
Sep 21, 2003: FreeS/WAN 2.00, 2.01, 2.02 have an SHA-1 bug with MSL2TP client.
Sep 19, 2003: Added a report that the pppd DHCP plugin works.
Sep 2, 2003: More on split tunnelling.
Aug 22, 2003: Added some ideas about using Linux as an L2TP/IPsec client.
Aug 12, 2003: NAT-T update for XP re-released. Multiple clients behind same NAT do not work.
Aug 8, 2003: Uploaded l2tpd-0.69-8jdl RPMs with "Specify your hostname" workaround and MTU 1410.
Aug 8, 2003: Uploaded Mandrake 9.1 PPC binary RPMs for l2tpd and freeswan.
Aug 2, 2003: Uploaded new SuperFreeS/WAN RPMS with Advanced Routing patch enabled.
Jul 31, 2003:
Uploaded new freeswan.rpms for Mandrake, with 'malformed payload' patch.
Jul 27, 2003: Uploaded RPM for RH9.
Jul 21, 2003
: Uploaded l2tpd-0.69-7jdl RPMs. Updated to SuperFreeS/WAN 1.99.8, which simplifies the setup.
Jun 23, 2003: NAT-T fix by Mathieu Lafon works for some clients, but not for others.
Jun 23, 2003: Firewall problem more or less fixed by introduction of "listen-addr" parameter.
Mar 31, 2003: Updated IPsec clients released by Microsoft for Windows 2000/XP.
May 21, 2003: Corrected error: client IP addresses allowed by l2tpd are specified with 'lac', not 'ip range'.
May 9, 2003: Added reference to Martin Köppe's Howto. SafeNet Softremote NAT-T works. IPX too.
Apr 11, 2003: Uploaded new RPMS and tarball.
Apr 7, 2003: NAT-T doesn't work for all clients. Updated PPP and smartcard info. Better to restrict passwords to certain IP addresses!
Mar 17, 2003: Added debug and chap-secrets info.
Mar 16, 2003: Added Mandrake RPMs with Delete/Notification patch.
Mar 14, 2003: Added distribution info.
Mar 10, 2003: Added reference to SnapGear. Mandrake 9.0 also works. Just don't use apostrophes in certificates :-)
Mar 8, 2003: SSH Sentinel and Win2000 Server work. Uploaded new RPMS which do not require N_HDLC.
Mar 3, 2003: WinXP Home should work.
Feb 27, 2003: Uploaded new RPMS.
Feb 26, 2003: Support for Windows 2000 Prof confirmed, through using N_HDLC.
Jan 17, 2003: Road Warrior support for rp-l2tp is discussed.
Dec 27, 2002: Updated left/rightprotoport remark.
Dec 26, 2002: NetBEUI probably not supported. Added MTU remarks.
Dec 21, 2002: rp-l2tp reported to work.
Dec 15, 2002: Major update.
Nov 6, 2002: Spread contents over 3 webpages.
Sep 23, 2002: Redesigned.
Sep 15, 2002: Let's call it the MSL2TP client.
July 22, 2002: PSK works, as expected.
July 22, 2002: Added reference to proxy arp.
July 20, 2002: Added report of preliminary l2tpd success.
July 15, 2002: Changed <h4> headings since Opera does not display them. Added PSK remarks.