US1.LAX virtual and dedicated servers discounts! Order your new SSD VDS or dedicated in US1.LAX, use special coupon USASERVER and enjoy your new server with 25% discount!
  • Home
  • Servers
  • SSD VDS
  • Support
  • Blog
  • About
  • Contacts
  • Billing
  • ru
ITL DC

Configuring VPN-server on Ubuntu

Nov 27, 2014DmitryNews

Nowadays VPN services are particularly popular among “advanced” users in those countries, where freedom of expression and free access to information is restricted (China, Belarus, Russia and others). Leaving the politics aside, we note that the free access to information has made the Internet a popular and useful phenomenon.

Let’s try to make own VPN-server based on the simplest SSD VDS. Among the many technologies, we will use L2TP/IPSec. This type of VPN-tunnels is supported by not only the desktop operating systems, but the devices based on Apple IOS (iPhone, iPad) and Android.

First step is to order SSD VDS and choose Ubuntu as the operating system. There are no special resource requirements, so you can choose the simplest fare, with 512Mb of memory. Installing the operating system takes about 5-7 minutes, and after the installation you will receive an email with the access to VDS. Now choose any SSH-client (e.g. PuTTY) and proceed to setup.

Install the required applications:

1
apt-get install openswan xl2tpd ppp

During the installation process you will be asked about the key generation. Abandon the automatic key generation (select “No” in the dialog).

Using your favorite text editor (vi or nano), edit the file /etc/ipsec.conf:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
version 2.0
 
config setup
    nat_traversal=yes
    oe=off
    protostack=netkey
 
conn L2TP-PSK
    authby=secret
    pfs=no
    rekey=no
    type=tunnel
    esp=aes128-sha1
    ike=aes128-sha-modp1024
    ikelifetime=8h
    keylife=1h
    left=185.14.XX.XX
    leftnexthop=%defaultroute
    leftprotoport=17/1701
    right=%any
    rightprotoport=17/%any
    rightsubnetwithin=0.0.0.0/0
    auto=add
    dpddelay=30
    dpdtimeout=120
    dpdaction=clear

It is necessary to specify the IP-address of the VDS in the parameter left=.

The next step is to add the encryption key. To do this, specify the desired key in the file /etc/ipsec.secrets (change its value to some more secret):

1
%any %any: PSK "TestSecret"

Now we proceed to configuring L2TP. Open the file /etc/xl2tpd/xl2tpd.conf in the editor and change its contents to the following:

1
2
3
4
5
6
7
8
9
10
11
[global]
ipsec saref = yes
[lns default]
ip range = 192.168.1.231-192.168.1.239
local ip = 192.168.1.230
refuse chap = yes
refuse pap = yes
require authentication = yes
ppp debug = no
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes

Now setting up PPP. Our next target – the configuration file /etc/ppp/options.xl2tpd:

1
2
3
4
5
6
7
8
9
10
11
12
13
require-mschap-v2
ms-dns 8.8.8.8
asyncmap 0
auth
crtscts
lock
hide-password
modem
debug
name l2tpd
proxyarp
lcp-echo-interval 30
lcp-echo-failure 4

Our connection uses password authentication, so we need to mention it in the appropriate file – /etc/ppp/chap-secrets:

1
* * TestPassword *

We are done with VPN configuration, but we need to enable NAT (network address translation) in the network settings of the operating system. Open the file /etc/rc.local and specify the following command in the very beginning:

1
2
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE

The configuration of our VPN-server is over. Reload VDS by reboot command and after a minute you can start using our encrypted channel for Internet access. In the meantime, let’s configure our iPhone. Go to “Settings” – “VPN”, then select “Add VPN Configuration …”. Fill in the fields:

Настройки L2TP/IPSec VPN в iPhone

  • Type of VPN – L2TP
  • Description – select any convenient name, such as My VPN or ITLDC VPN
  • Server – specify the IP-address of our VDS
  • Account – any name
  • RSA SecurID – off mode
  • Password – your selected password (in our example – TestPassword)
  • Secret – the encryption key (TestSecret)

The configuration of the client part is finished, select “Save”. To connect to a VPN, you should turn VPN on in the “Preferences”. Connecting to a VPN is quite fast: after a few seconds, you can enjoy all the benefits of the Internet, without any restrictions.

Tags: ubuntu,  vpn
Related Posts
  • Which operating system to choose?

← Which operating system to choose?
New location – EU2.SOF in Sofia BG →

Blog

  • Holiday’s sale – 50% off for all SSD VDS!

    We all love Christmas and New Year's hol...

  • EU4.PRG launch – Prague, Czech Republic!

    We are introducing new location - our ne...

  • Black Friday starts today – 60% off for all SSD VDS!

    Black Friday begins - a period of mega-s...

  • SG1.SIN launch: new datacenter in Singapore

    We are pleased to announce the launch of...

  • BLACK FRIDAY starts now – 60% discount for all SSD VDS orders!

    "Black Friday" sales starts right now! W...

  • SSD VDS with giant discount – only few days left!

    New wholesale from ITLDC with giant disc...

  • Billing system maintenance

    We scheduled upgrade of our customer' po...

  • Black Friday 2016: Get your server with up to 50% discount!

    Hurry up - Black Friday 2016 Sale alread...

ITL Europe

ITL Bulgaria Ltd.

Oborishte street 64,
Burgas 8000
Bourgas reg.,
Bulgaria

+359 2 4925555

[email protected]

ITL US HQ

Green Floid LLC

2707 East Jefferson St
Orlando
Florida, 32803
USA

+1 561 2500001

[email protected]

Services

  • Dedicated Servers
  • SSD VDS
  • Backup Storage
  • Colocation
  • Software
  • Resellers
  • User Cabinet
  • ru
© 1995-2018 ITL Group. You can freely use or share information from this site with a hyperlink to the original page.
  
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok