L2TP Client: OSX: Difference between revisions

Back up to the Incoming L2TP Category
From AAISP Support Site
 
(6 intermediate revisions by 3 users not shown)
Line 1: Line 1:
__NOTOC__<indicator name="L2TP">[[File:Menu-L2TP.svg|link=:Category:Incoming_L2TP|30px|Back up to the Incoming L2TP Category]]</indicator>
__NOTOC__<indicator name="L2TP">[[File:Menu-L2TP.svg|link=:Category:Incoming L2TP|30px|Back up to the Incoming L2TP Category]]</indicator>
[[Category:Incoming_L2TP]]
[[Category:Incoming L2TP]]
==Apple OSX==
==Apple Mac OS X==
An Apple computer can be used to create an L2TP connection in to AAISP, here's how:
An Apple computer can be used to create an L2TP connection in to AAISP, here's how:


Line 7: Line 7:
*Click the + Icon
*Click the + Icon
*Create a new VPN Interface with Type L2TP over IPSec
*Create a new VPN Interface with Type L2TP over IPSec
[[File:l2tp-osx-newconnection.png]]
[[File:l2tp-osx-newconnection.png|400px]]
*In the Authentication settings set the Password
*In the Authentication settings set the Password
*For ease of use Tick 'Show VPN status in menu bar
*For ease of use Tick 'Show VPN status in menu bar
Line 19: Line 19:
[[File:l2tp-osx-ipsecmenu.png]]
[[File:l2tp-osx-ipsecmenu.png]]


===VPN Connection - IPsec Error===
=VPN Connection - IPsec Error AKA Disable ipsec =
Use this at your own risk. The notes below involves editing/creating system files, and whilst 'worked for us' may not work for you.
Use this at your own risk. The notes below involves editing/creating system files, and whilst 'worked for us' may not work for you.


Line 38: Line 38:


If the mv (move) fails, then you may already have a /etc/ppp/options file, in this case it would need to be edited manually.
If the mv (move) fails, then you may already have a /etc/ppp/options file, in this case it would need to be edited manually.
[[File:Osx-noipsec.png|thumb|right]]
To double check that the file is correct, type:
cat /etc/ppp/options
and it should show:
plugin L2TP.ppp
l2tpnoipsec


To undo this change delete the /etc/ppp/options file.
To undo this change delete the /etc/ppp/options file.

===IPv6===

IPv6 does not seem to work on an L2TP interface when configured using the GUI, even with 'Configure IPv6' set to 'Manually'.

It can be made to work by entering commands on the command line, after the tunnel is connected:

/sbin/ifconfig ppp0 inet6 add 2001:8b0:XXXX::1/64
route add -inet6 default -interface ppp0

It should be possible to automate this by creating an /etc/ppp/auth-up script.

Latest revision as of 20:17, 3 April 2020

Apple Mac OS X

An Apple computer can be used to create an L2TP connection in to AAISP, here's how:

  • Apple Menu - Settings - Network
  • Click the + Icon
  • Create a new VPN Interface with Type L2TP over IPSec

L2tp-osx-newconnection.png

  • In the Authentication settings set the Password
  • For ease of use Tick 'Show VPN status in menu bar
  • Optionally, and probably something you want to enable: in the Advanced Settings Tick, 'Send all Traffic over VPN connection'
  • Then Connect

L2tp-osx-connected.png

  • To Disconnect, click Disconnect

You can use the new icon in the Status bar (Up by the clock, to connect and disconnect the connection

L2tp-osx-ipsecmenu.png

VPN Connection - IPsec Error AKA Disable ipsec

Use this at your own risk. The notes below involves editing/creating system files, and whilst 'worked for us' may not work for you.

By default, OSX requires the L2TP connection to use IPSec encryption. At the moment the AAISP service is just plain L2TP and does not offer encryption.

L2tp-osx-ipsecerror.png

To enable OSX to connect without IPSec, then the /etc/ppp/options file needs to be edited. A simple way of doing this is as follows:

  1. Use the Search icon to search for Terminal

Osx-finding-terminal.png

and then enter in:

echo "plugin L2TP.ppp" > options
echo "l2tpnoipsec" >> options
sudo mv options /etc/ppp

If the mv (move) fails, then you may already have a /etc/ppp/options file, in this case it would need to be edited manually.

Osx-noipsec.png

To double check that the file is correct, type:

cat /etc/ppp/options

and it should show:

plugin L2TP.ppp
l2tpnoipsec

To undo this change delete the /etc/ppp/options file.

IPv6

IPv6 does not seem to work on an L2TP interface when configured using the GUI, even with 'Configure IPv6' set to 'Manually'.

It can be made to work by entering commands on the command line, after the tunnel is connected:

 /sbin/ifconfig ppp0 inet6 add 2001:8b0:XXXX::1/64
 route add -inet6 default -interface ppp0

It should be possible to automate this by creating an /etc/ppp/auth-up script.