ARCHIVED: In Linux, how can I make an L2TP over IPsec VPN connection to the IU network, and what software do I need?

This content has been archived, and is no longer maintained by Indiana University. Information here may no longer be accurate, and links may no longer be available or reliable.

Note:

For off-campus connections to the IU network, use the recommended SSL VPN.

IU Secure is the wireless network for students, faculty, and staff to access on all campuses. IU Secure uses WPA2 Enterprise (Wi-Fi Protected Access) for authentication and encryption.

Indiana University provides a script to help you make a VPN connection; the latest version is available at IUware.

You must at least have pptp and ppp-mppe installed. Most modern distributions install the basic pptp requirements automatically; refer to your distribution's support area if you are unsure.

Other requirements are listed below. For some of these, you will need the developer tools for your distribution and the current kernel headers. For help accessing these tools, review the documentation and support areas for your distribution.

Openswan
To install Openswan, go to the Openswan web site and download the tar.gz file. Then, enter the following commands:
```
  tar -xzvf [openswanfilename].tar.gz
  cd [openswan directory]
  make programs 
  make programs install 
```
The make programs install command must be issued with root privileges.

Note: Mandriva and Red Hat Enterprise Linux do not install gmp.h with the standard "devel" groups. Mandriva needs to have libgmp3-devel-VERSION-FOO.rpm installed (libgmp3-devel doesn't come on the install DVD, but is in install repositories like USSG's mirror). RHEL needs gmp-devel-VERSION-BAR.rpm.
xl2tpd
To install xl2tpd, go to the xl2tpd web site and download the tar.gz file. Then, enter the following commands:
```
  tar -xzvf [xl2tpdfilename].tar.gz 
  cd [xl2tpd directory]
  make 
  make install
```
The make install command must be issued as root.
Other kernel modules (most distributions except Gentoo include these by default):
- Networking
- (M) PF_KEY sockets
- (M) IP: AH transformations
- (M) IP: ESP transformations
- (M) IP: IPComp transformations
- (M) IP: tunnel transformations
- (M) IPsec user configuration interface

Once you have downloaded the script from IUware, run the following commands in a terminal window:

  cd /path/to/vpnscript/location
  tar -xzf iu-vpn-ipsec-VERSION.tgz
  cd iu-vpn-ipsec-VERSION
  make install
  vpn-config-ipsec

Run the last two commands as root; follow the prompts for vpn-config-ipsec.

This will complete your installation. To make a VPN connection, run the following command in a terminal window as root:

  iu-vpn-ipsec start

To stop the connection, run as root:

  iu-vpn-ipsec stop

To uninstall the script, enter in a terminal window (enter the last command as root):

  cd /path/to/iu-vpn-ipsec-VERSION
  make uninstall

At Indiana University, for personal or departmental Linux or Unix systems support, see Get help for Linux or Unix at IU.