How to Setup Your Own IPsec/L2TP VPN Server in Linux

sudo nano /etc/sysctl.conf
sudo nano /etc/rc.local

First, purge the xl2tpd package, which will remove the package along with its configuration files, ensuring a cleaner uninstall.

Prerequisites:

In this article, you will learn how to quickly and automatically set up your own IPsec/L2TP VPN server in RHEL-based distributions (Rocky Linux and Alma Linux) and Debian-based distributions (Ubuntu and Mint).
First, log in to your VPS via SSH, then run the appropriate commands for your distribution to set up the VPN server. By default, the script will generate random VPN credentials (pre-shared key, VPN username, and password) for you and display them at the end of the installation.

  • DigitalOcean – Starting at $4/month, includes $200 in credits for 60 days for new users.
  • Linode (Akamai) – Starting at $5/month, includes $100 in credits for 60 days for new users.

At this point, your own VPN server is up and running. You can share any queries or give us feedback using the comment form below.

Affiliate Disclosure: The links above are affiliate links. If you sign up through them, we may earn a small commission at no extra cost to you. This helps support our content creation.

Setting Up an IPsec/L2TP VPN Server in Linux

On RHEL-based distributions such as Rocky Linux and Alma Linux, run:
sudo apt-get purge xl2tpd

For example:
sudo sh del_vpn_user.sh ‘john_doe’

How to Upgrade Libreswan Installation in Linux

sh vpnupgrade.sh

Uninstalling the VPN Server in Linux

To completely remove all VPN-related files and directories, run these commands:
sudo nano /etc/sysconfig/iptables

Before that, make sure to check the latest version first from the Libreswan releases page and note down the version number.

Setup Your Own IPsec VPN in Linux
Set up Your Own IPsec VPN in Linux

However, if you want to use your own credentials, first you need to generate a strong password and PSK as shown.
wget -O del_vpn_user.sh https://raw.githubusercontent.com/hwdsl2/setup-ipsec-vpn/master/extras/del_vpn_user.sh
sudo sh del_vpn_user.sh ‘username_to_delete’

Recommended VPS Providers:

Adding a New VPN User

First, remove the xl2tpd package, which will remove the L2TP daemon, one of the core VPN components.
A fresh RHEL-based or Debian-based VPS (Virtual Private Server) from any provider.
nano vpnupgrade.sh

To add the VPN connection in a mobile device such as an Android phone, go to SettingsNetwork & Internet (or Wireless & NetworksMore) → AdvancedVPN and then select the option to add a new VPN. The VPN type should be set to IPSec Xauth PSK, then use the VPN gateway and credentials above.
Once your VPN server is up and running, you’ll need to manage user access, such as how to add, modify, or remove VPN users on your Linux system.
wget https://git.io/vpnsetup -O vpnsetup.sh && VPN_IPSEC_PSK=’dJIV0G0z75euA7fPdB8SKw==’ VPN_USER=’tecmint’ VPN_PASSWORD=’7GxIz2gQooSeLg==’ sudo sh vpnsetup.sh
sudo bash vpnsetup.sh

yum remove xl2tpd

#On RHEL-based distros
wget https://git.io/vpnupgrade-centos -O vpnupgrade.sh

#On Debian-based distros
wget https://git.io/vpnupgrade -O vpnupgrade.sh

SWAN_VER=5.3 # Change this to the version you want

Next, remove system configuration changes in the configuration files.
openssl rand -base64 10
openssl rand -base64 16

Generate a Secure Password and PSK
Generate a Secure Password and PSK

There are so many benefits of using a VPN (Virtual Private Network), some of which include keeping you safe on the internet by encrypting your traffic and helping you to access blocked content/sites/web applications from anywhere anonymously.

Uninstalling VPN on RHEL

Then it downloads, compiles, and installs Libreswan from source, enables and starts the necessary services. Once the installation is complete, the VPN details will be displayed as shown in the following screenshot.
sudo rm -f /etc/ipsec.conf* /etc/ipsec.secrets* /etc/ppp/chap-secrets* /etc/ppp/options.xl2tpd* /etc/pam.d/pluto /etc/sysconfig/pluto /etc/default/pluto
sudo rm -rf /etc/ipsec.d /etc/xl2tpd

Additional Resources

wget https://git.io/vpnsetup-centos -O vpnsetup.sh && VPN_IPSEC_PSK=’dJIV0G0z75euA7fPdB8SKw==’ VPN_USER=’tecmint’ VPN_PASSWORD=’7GxIz2gQooSeLg==’ sh vpnsetup.sh
sudo bash vpnsetup.sh

Next, you need to set up a VPN client for your desktops or laptops with a graphical user interface, refer to this guide: How To Setup an L2TP/Ipsec VPN Client on Linux.
To set up the VPN server, we will use a wonderful collection of shell scripts created by Lin Song, that installs Libreswan as the IPsec server, and xl2tpd as the L2TP provider. The offering also includes scripts to add or delete VPN users, upgrade the VPN installation, and much more.

Uninstalling VPN on Debian/Ubuntu

To create a new VPN user or update an existing VPN user with a new password, download and use the add_vpn_user.sh script using the following wget command.
Both providers offer reliable performance and excellent uptime for running VPN servers.
sudo sh add_vpn_user.sh ‘john_doe’ ‘SecurePass123!’

Removing a VPN User

Reference: https://github.com/hwdsl2/setup-ipsec-vpn
Next, download the upgrade script file.

sudo nano /etc/iptables.rules
sudo nano /etc/iptables/rules.v4

wget -O add_vpn_user.sh https://raw.githubusercontent.com/hwdsl2/setup-ipsec-vpn/master/extras/add_vpn_user.sh
sudo sh add_vpn_user.sh ‘username_to_add’ ‘user_password’

Make sure to replace username_to_add with the desired username and user_password with a strong password.

Similar Posts