Giganews VyprVpn on Linux with IPSEC and L2TP

01 May 2011

Ataraxia Consulting


I’m not a fan of PPTP, but unfortunately that’s the only listed configuration option for Giganews’ VyprVpn service (http://www.giganews.com/vyprvpn/setup/linux/pptp.html). The following are a few configuration files you can use to connect to VyprVpn using IPsec and L2TP instead. I tested with Ubuntu 10.04, OpenSWAN, and xl2tpd.

The /etc/ipsec.conf stanza

conn giganews
        authby=secret
        pfs=no
        rekey=yes
        keyingtries=3
        type=transport
        left=%defaultroute
        leftprotoport=17/1701
        right=us1.vpn.giganews.com
        rightid=@us1.vpn.giganews.com
        rightprotoport=17/1701
        auto=add

The /etc/ipsec.secrets stanza

%any us1.vpn.giganews.com: PSK "thisisourkey"

The /etc/xl2tpd/xl2tpd.conf stanza. Be sure to replace giganews_username with your username.

[lac giganews]
lns = us1.vpn.giganews.com
require chap = yes
refuse pap = yes
require authentication = yes
; Name should be your giganews username
name = giganews_username
ppp debug = no
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes

The /etc/ppp/chap-secrets stanza. Be sure to replace giganews_username and giganews_password with your username and password respectively.

giganews_username us1.vpn.giganews.com "giganews_password" *

The /etc/ppp/options.l2tpd.client file

ipcp-accept-local
ipcp-accept-remote
refuse-eap
noccp
noauth
crtscts
idle 1800
mtu 1410
mru 1410
defaultroute
debug
lock
#proxyarp
connect-delay 5000

You can replace us1.vpn.giganews.com with any of the following endpoints; just make sure you replace all instances in the previous

  • us1.vpn.giganews.com for Los Angeles, CA
  • us2.vpn.giganews.com for Washington, DC
  • eu1.vpn.giganews.com for Amsterdam
  • hk1.vpn.giganews.com for Hong Kong

To connect, run the following command:

ipsec auto --up giganews

When that’s successful, connect l2tp:

echo "c giganews" > /var/run/xl2tpd/l2tp-control

If that’s successful, ppp will have replaced your default route to go out over ppp0, which represents your VPN connection.
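The connect steps above can be wrapped in checks, shown here as an added example that is not part of the original post: it refuses to start if the two secrets files are readable by other users, confirms an IPsec SA exists before starting L2TP, and confirms routing actually goes out over ppp0. The function names, the 10 second wait, and the Openswan status line shape it matches ("IPsec SA established") are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post: guard the connect sequence.
CONN=giganews

# Succeed only if FILE grants nothing to group/other (0600, 0400, ...).
secrets_private() {
    mode=$(stat -c '%a' "$1") || return 2
    case "$mode" in
        0|*00) return 0 ;;
        *)     return 1 ;;
    esac
}

# stdin: `ipsec auto --status` text. Succeed if conn $1 has an IPsec (phase 2) SA.
# Assumed Openswan line shape (constructed sample):
#   000 #2: "giganews":1701 STATE_QUICK_I2 (sent QI2, IPsec SA established); ...
ipsec_sa_up() {
    grep -F "\"$1\"" | grep -q 'IPsec SA established'
}

# stdin: one `ip route ...` line. Print the interface named after "dev".
route_dev() {
    awk '{ for (i = 1; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }'
}

connect_vpn() {
    for f in /etc/ipsec.secrets /etc/ppp/chap-secrets; do
        secrets_private "$f" || { echo "$f is readable by non-root users" >&2; return 1; }
    done
    ipsec auto --up "$CONN" || return 1
    # Without this SA, xl2tpd would still attempt L2TP with no IPsec protection.
    ipsec auto --status | ipsec_sa_up "$CONN" || { echo "no IPsec SA for $CONN" >&2; return 1; }
    echo "c $CONN" > /var/run/xl2tpd/l2tp-control
    sleep 10   # assumed upper bound for PPP negotiation
    # 192.0.2.1 is a documentation address; `ip route get` sends no traffic.
    dev=$(ip route get 192.0.2.1 | route_dev)
    [ "$dev" = ppp0 ] || { echo "default route uses '$dev', not ppp0" >&2; return 1; }
}

# Run as root: sh vpn-up.sh connect
if [ "${1:-}" = connect ]; then
    connect_vpn
fi
```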

Most of the instructions are adapted from http://www.jacco2.dds.nl/networking/linux-l2tp.html