Category:Incoming L2TP: Difference between revisions
(→Notes on setting up L2TP IN to AAISP:: Make the Mikrotik link at least a redlink, even if it's not great...) |
|||
(34 intermediate revisions by 5 users not shown) | |||
Line 1: | Line 1: | ||
__NOTOC__<indicator name="L2TP">[[File:Menu-L2TP.svg|link=:Category:L2TP|30px|Back up to the L2TP Category]]</indicator> |
__NOTOC__<indicator name="L2TP">[[File:Menu-L2TP.svg|link=:Category:L2TP|30px|Back up to the L2TP Category]]</indicator> |
||
=L2TP from Customers to AAISP= |
= L2TP from Customers to AAISP = |
||
There are two reasons to use L2TP to connect in to AAISP: |
There are two reasons to use L2TP to connect in to AAISP: |
||
#As a backup for your existing AAISP circuit in the event of a fault. |
# As a backup for your existing AAISP circuit in the event of a fault. |
||
#*Logging in over L2TP using your DSL credentials (ie xxx@a.1) from a different ISP will give you your normal IP addresses. You can use this whilst your AAISP connection is being fixed. |
#* Logging in over L2TP using your DSL credentials (ie xxx@a.1) from a different ISP will give you your normal IP addresses. You can use this whilst your AAISP connection is being fixed. |
||
#*This is enabled by default and available to everyone, there are no extra charges. Usage is taken from your quota in the usual way as if you were connecting over DSL. |
#* This is enabled by default and available to everyone, there are no extra charges. Usage is taken from your quota in the usual way as if you were connecting over DSL. |
||
#* Speed & monthly usage are capped depending on the service you have, but these should be reasonable for most users - see the main website as it'll be described there. |
|||
#*Regarding IP routing, The L2TP has priority over the DSL, so you'd want to bring it up/down as and when required as the DSL won't have IPs routed to it when the L2TP is up. |
#* Regarding IP routing, The L2TP has priority over the DSL, so you'd want to bring it up/down as and when required as the DSL won't have IPs routed to it when the L2TP is up. |
||
#Connect in to AAISP over a third-party internet connection. |
# Connect in to AAISP over a third-party internet connection. |
||
#*This gives you your an AAISP IPv4 address and an IPv6 block. This will then give you unfiltered internet access with public IP addresses etc. |
#* This gives you your an AAISP IPv4 address and an IPv6 block. This will then give you unfiltered internet access with public IP addresses etc. |
||
⚫ | |||
#* Speed is capped at 200Mb/s (3Mb/s for the low-cost Light service). |
|||
⚫ | |||
==Connection Details== |
== Connection Details == |
||
* Endpoint: |
* Endpoint: |
||
**l2tp.aa.net.uk |
** l2tp.aa.net.uk |
||
**or l2tp6.aa.net.uk |
** or l2tp6.aa.net.uk |
||
* Username & Password as supplied |
* Username & Password as supplied |
||
* Hostname: AAISP |
* Hostname: AAISP |
||
* Authentication Protocol: CHAP/MSCHAPv2 or PAP, but recommend CHAP, as L2TP is not encrypted |
* Authentication Protocol: CHAP/MSCHAPv2 or PAP, but recommend CHAP, as L2TP is not encrypted |
||
* Plain L2TP '''without any IPsec'''. This is important as some devices may not support disabling encryption on L2TP |
* Plain L2TP '''without any IPsec'''. This is important as some devices may not support disabling encryption on L2TP, eg iPhones |
||
* Check that your ISP/mobile provider does not have features that will block 'VPN' services - eg Vodafone's 'SecureNet' will block access to our L2TP service but can usually be disabled via the provider's control pages/App/etc |
|||
*Please use the DNS name (l2tp.aa.net.uk) instead of hardcoding an IP address; IP addresses can and do change. If you have to use an IP, use 194.4.172.12, but do check the DNS for l2tp.aa.net.uk in case it changes. |
|||
*Static routes? Some L2TP client's config needs to have a static route to route traffic to the L2TP server directly rather than through the tunnel(!) - in these cases you may need to add multiple static routes and keep them updated as the IPs that l2tp.aa.net.uk may change and increase over time. |
|||
=== |
=== Speed/Latency Tweaks === |
||
See: [[L2TP-Latency-Speed-Tweaks]] |
|||
⚫ | |||
=== MTU === |
|||
⚫ | You may have to set a lower MTU to accommodate the host ISP, possibly as low as 1462 (or lower for some ISPs and still lower for mobile networks). In theory fragments will work to allow 1500 MTU on our service, but fragments are inefficient, and if everyone sends fragmented packets that could degrade the service. |
||
=== Port forwarding on some 'Mobile Broadband' routers === |
|||
We have reports from a few customers who are using 4G/5G mobile data routers for 'mobile broadband' that whilst they do support L2TP they do not appear to port forward the static IP on the L2TP. The web UI suggests that port-forwarding can be configured, but this seems to only port-forward the IP address on the mobile data connection and not the IP address on the L2TP connection. We suggest that customers should report this as a bug to the supplier/manufacturer of the router. This can have an impact on using our L2TP service as these routers will be restricting the capabilities (ie port forwarding). A work-around is to to a separate Ethernet router on your LAN to establish the tunnel. |
|||
= Notes on setting up L2TP IN to AAISP: = |
= Notes on setting up L2TP IN to AAISP: = |
||
{{AAMenu|img=Menu-FireBrick.svg|link=L2TP_Client:_FireBrick|title=L2TP from FireBrick|text=Creating a L2TP connection from a FireBrick to AAISP |
{{AAMenu|img=Menu-FireBrick.svg|link=L2TP_Client:_FireBrick|title=L2TP from FireBrick|text=Creating a L2TP connection from a FireBrick to AAISP}} |
||
{{AAMenu|img=Menu-Apple.svg|link=L2TP_Client:_OSX|title=L2TP from OSX|text=Creating a L2TP connection from Apple OSX to AAISP}} |
{{AAMenu|img=Menu-Apple.svg|link=L2TP_Client:_OSX|title=L2TP from OSX|text=Creating a L2TP connection from Apple OSX to AAISP}} |
||
{{AAMenu|img=Menu-Apple.svg|link=L2TP_Client:_iOS|title=L2TP from iOS|text=Our L2TP service won't work from iOS (iPhones & iPads)}} |
|||
{{AAMenu|img=Menu-Windows.svg|link=L2TP_Client:_Windows|title=L2TP from Windows|text=Creating a L2TP connection from Windows to AAISP}} |
{{AAMenu|img=Menu-Windows.svg|link=L2TP_Client:_Windows|title=L2TP from Windows|text=Creating a L2TP connection from Windows to AAISP}} |
||
{{AAMenu|img=Menu-Linux.svg|link=L2TP_Client: |
{{AAMenu|img=Menu-Linux.svg|link=L2TP_Client:_Debian|title=L2TP from Debian|text=Creating a L2TP connection from Debian to AAISP using xl2tpd}} |
||
{{AAMenu|img=Menu-Linux.svg|link= |
{{AAMenu|img=Menu-Linux.svg|link=L2TP_Client:_Linux|title=L2TP from Linux|text=Creating a L2TP connection from Linux/Ubuntu/Network Manager to AAISP using xl2tpd}} |
||
{{AAMenu|img=Menu-Linux.svg|link=Router:Linux_-_Debian_-_With_L2TP_Fallback|title=L2TP Failover with Debian|text=Creating a L2TP fallback for AAISP using xl2tpd}} |
|||
{{AAMenu|img=Menu-Routerboard.svg|link=L2TP_Client:_Routerboard|title=L2TP from Routerboard|text=Creating a L2TP connection from Routerboard to AAISP}} |
{{AAMenu|img=Menu-Routerboard.svg|link=L2TP_Client:_Routerboard|title=L2TP from Routerboard|text=Creating a L2TP connection from Routerboard to AAISP}} |
||
{{AAMenu|img=Menu-OpenWRT.svg|link=L2TP_Client:_OpenWRT|title=L2TP from OpenWRT|text=Creating a L2TP connection from OpenWRT to AAISP}} |
{{AAMenu|img=Menu-OpenWRT.svg|link=L2TP_Client:_OpenWRT|title=L2TP from OpenWRT|text=Creating a L2TP connection from OpenWRT to AAISP}} |
||
{{AAMenu|img=Menu-Cisco.svg|link=L2TP_Client:_Cisco|title=L2TP from Cisco|text=Creating a L2TP connection from Cisco to AAISP}} |
{{AAMenu|img=Menu-Cisco.svg|link=L2TP_Client:_Cisco|title=L2TP from Cisco|text=Creating a L2TP connection from Cisco to AAISP}} |
||
{{AAMenu|img=Menu- |
{{AAMenu|img=Menu-voip.svg|link=L2TP_Client:_SNOM|title=L2TP from a SNOM VoIP Phone|text=Creating a L2TP connection from a SNOM phone to AAISP}} |
||
{{AAMenu|img=Menu-router.svg|link=L2TP_Client:_Mobile_Broadband_Routers|title=L2TP from 4G/5G Huawei/Gigacube|text=Creating a L2TP connection 4G/5G Huawei/Gigacube type mobile broadband routers to AAISP}} |
|||
{{AAMenu|img=Menu-router.svg|link=L2TP_Client:_Other_Routers|title=L2TP from Other Routers|text=Generic information for creating a L2TP connection from other routers to AAISP (eg Netgear, TP-Link etc that are not listed here}} |
|||
{{AAMenu|img=Menu-router.svg|link=L2TP_Client:_Ubiquiti_Edgerouter|title=Ubiquiti|text=Problems with Ubiquiti Edgerouter}} |
|||
{{AAMenu|img=Menu-router.svg|link=L2TP_Client:_Routerboard|title=MikroTik|text=Create an L2TP connection from a MikroTik Routerboard}} |
|||
{{AAMenu|img=Menu-router.svg|link=L2TP_Client:_OpenWRT_with_Policy_Based_Routing|title=OpenWRT-Policy Based Routing|text=Create an L2TP connection from a OpenWRT with Policy Based Routing}} |
|||
[[Category:L2TP]] |
[[Category:L2TP]] |
Latest revision as of 07:15, 7 Haziran 2024
L2TP from Customers to AAISP
There are two reasons to use L2TP to connect in to AAISP:
- As a backup for your existing AAISP circuit in the event of a fault.
- Logging in over L2TP using your DSL credentials (ie xxx@a.1) from a different ISP will give you your normal IP addresses. You can use this whilst your AAISP connection is being fixed.
- This is enabled by default and available to everyone, there are no extra charges. Usage is taken from your quota in the usual way as if you were connecting over DSL.
- Speed & monthly usage are capped depending on the service you have, but these should be reasonable for most users - see the main website as it'll be described there.
- Regarding IP routing, The L2TP has priority over the DSL, so you'd want to bring it up/down as and when required as the DSL won't have IPs routed to it when the L2TP is up.
- Connect in to AAISP over a third-party internet connection.
- This gives you your an AAISP IPv4 address and an IPv6 block. This will then give you unfiltered internet access with public IP addresses etc.
- Speed is capped at 200Mb/s (3Mb/s for the low-cost Light service).
- There are more reasons for doing this and further information and ordering on A&A L2TP service.
Connection Details
- Endpoint:
- l2tp.aa.net.uk
- or l2tp6.aa.net.uk
- Username & Password as supplied
- Hostname: AAISP
- Authentication Protocol: CHAP/MSCHAPv2 or PAP, but recommend CHAP, as L2TP is not encrypted
- Plain L2TP without any IPsec. This is important as some devices may not support disabling encryption on L2TP, eg iPhones
- Check that your ISP/mobile provider does not have features that will block 'VPN' services - eg Vodafone's 'SecureNet' will block access to our L2TP service but can usually be disabled via the provider's control pages/App/etc
- Please use the DNS name (l2tp.aa.net.uk) instead of hardcoding an IP address; IP addresses can and do change. If you have to use an IP, use 194.4.172.12, but do check the DNS for l2tp.aa.net.uk in case it changes.
- Static routes? Some L2TP client's config needs to have a static route to route traffic to the L2TP server directly rather than through the tunnel(!) - in these cases you may need to add multiple static routes and keep them updated as the IPs that l2tp.aa.net.uk may change and increase over time.
Speed/Latency Tweaks
See: L2TP-Latency-Speed-Tweaks
MTU
You may have to set a lower MTU to accommodate the host ISP, possibly as low as 1462 (or lower for some ISPs and still lower for mobile networks). In theory fragments will work to allow 1500 MTU on our service, but fragments are inefficient, and if everyone sends fragmented packets that could degrade the service.
Port forwarding on some 'Mobile Broadband' routers
We have reports from a few customers who are using 4G/5G mobile data routers for 'mobile broadband' that whilst they do support L2TP they do not appear to port forward the static IP on the L2TP. The web UI suggests that port-forwarding can be configured, but this seems to only port-forward the IP address on the mobile data connection and not the IP address on the L2TP connection. We suggest that customers should report this as a bug to the supplier/manufacturer of the router. This can have an impact on using our L2TP service as these routers will be restricting the capabilities (ie port forwarding). A work-around is to to a separate Ethernet router on your LAN to establish the tunnel.
Notes on setting up L2TP IN to AAISP:
L2TP from FireBrick
Creating a L2TP connection from a FireBrick to AAISP
L2TP from OSX
Creating a L2TP connection from Apple OSX to AAISP
L2TP from iOS
Our L2TP service won't work from iOS (iPhones & iPads)
L2TP from Windows
Creating a L2TP connection from Windows to AAISP
L2TP from Debian
Creating a L2TP connection from Debian to AAISP using xl2tpd
L2TP from Linux
Creating a L2TP connection from Linux/Ubuntu/Network Manager to AAISP using xl2tpd
L2TP Failover with Debian
Creating a L2TP fallback for AAISP using xl2tpd
L2TP from Routerboard
Creating a L2TP connection from Routerboard to AAISP
L2TP from OpenWRT
Creating a L2TP connection from OpenWRT to AAISP
L2TP from Cisco
Creating a L2TP connection from Cisco to AAISP
L2TP from a SNOM VoIP Phone
Creating a L2TP connection from a SNOM phone to AAISP
L2TP from 4G/5G Huawei/Gigacube
Creating a L2TP connection 4G/5G Huawei/Gigacube type mobile broadband routers to AAISP
L2TP from Other Routers
Generic information for creating a L2TP connection from other routers to AAISP (eg Netgear, TP-Link etc that are not listed here
Ubiquiti
Problems with Ubiquiti Edgerouter
MikroTik
Create an L2TP connection from a MikroTik Routerboard
OpenWRT-Policy Based Routing
Create an L2TP connection from a OpenWRT with Policy Based Routing
Pages in category 'Incoming L2TP'
The following 16 pages are in this category, out of 16 total.
L
- L2TP Client: Cisco
- L2TP Client: Debian
- L2TP Client: FireBrick
- L2TP Client: iOS
- L2TP Client: Linux
- L2TP Client: Mobile Broadband Routers
- L2TP Client: OpenWRT
- L2TP Client: OSX
- L2TP Client: Other Routers
- L2TP Client: pfSense
- L2TP Client: Routerboard
- L2TP Client: SNOM
- L2TP Client: Ubiquiti Edgerouter
- L2TP Client: Windows
- L2TP Latency Speed Tweaks
- L2TP Starlink