L2TP for IP Tunnel

njh · December 31, 2018, 12:29am

Hi,

I am thinking about switching from pfSense to VyOS for my home network router. I have a slightly unusual setup in that I get my broadband from one provider but get IPv6 connectivity and static IPv4 address from AAISP over a L2TP tunnel:
https://www.aaisp.net.uk/broadband-l2tp.html

This is plain L2TP, unencrypted over UDP without any IPSec.

There is no mention of VyOS supporting this on the IP Tunnelling page:
https://wiki.vyos.net/wiki/IP_tunneling

Does anyone know if it is currently possible to do this with VyOS?

Thanks,

nick.

hagbard · January 7, 2019, 11:29pm

Shouldn’t be an issue.
‘set interfaces l2tpv3 …’ in conf mode should do what you are looking for, I think.

njh · January 8, 2019, 4:53pm

Thanks @hagbard. I didn’t previously find the l2tpv3 interface type.

I will take a look at docs and see if I can get it working:
https://wiki.vyos.net/wiki/L2TPv3

njh · January 29, 2019, 12:05am

Now that I have a semi-usable VyOS I have tried setting up a L2TP tunnel, however I don’t see how to configure the ppp username and password? Also, I am not sure it is backwards compatible with L2TPv2 (RFC2661)?

dmbaturin · January 29, 2019, 12:18am

L2TPv3 is a different thing. What AAISP does is normal L2TPv2, the same that people use in L2TP/IPsec, just without IPsec.
The bad news is that we don’t have a CLI for L2TP client in VyOS yet. The good news is that you are willing to test it in realistic settings, we can add it—the main reason no one did is because there was no one interested in testing it.

njh · January 29, 2019, 12:22am

Very happy to help test
Can also try writing code if I can work it out…

I understand that L2TPv2 is very commonly used to connect from the DSLAM to the LNS on DSL connections in the UK.

BTW AAISP provide instructions for how to setup xl2tpd and pppd on Linux here:
https://support.aa.net.uk/L2TP_Client:_Linux

njh · February 3, 2019, 5:36pm

Ticket created: ⚓ T1229 Add support for unencrypted L2TPv2 client connections

Jim · February 10, 2019, 9:45am

I also would like to test this, currently have a test box installed before looking at building a custom box for Vyos.

jmcg · October 17, 2020, 9:44am

Also willing to test this. Same setup, with L2TP provided by AAISP.

ropeguru · January 28, 2021, 4:39pm

This was asked for 2 years ago and is sitting as a feature request. Any chance it will ever actually get looked at?

Sorry to dredge up an old thread.