
Notes: PPTP/L2TP Server on Ubuntu

By @sskaje

From: and

This is a consolidated, simplified introduction to installing a PPTP/L2TP server on Ubuntu 12.04.


pptpd, xl2tpd and openswan are needed.
ppp should be installed by default; you can run apt-get install ppp just to be sure.
dnsmasq is needed to simplify DNS handling.
So, just type the commands:


Server IP is assigned as:
Client IPs are in:


Configure dnsmasq

You can do nothing, but I suggest adding a

then reload.
If you're running an open DNS forwarder on Linode and have your requests forwarded to Linode's own DNS server, staff will open a ticket warning you not to do this.

Configure pptp server



Configure xl2tp server


For left=x.x.x.x, just set your IP from ifconfig; do not set it as, I don't know why, I just found it not working.
Any time you change your server IP, DO NOT FORGET to change this line. If any of you have a better solution, please let me know.


Change YourPreSharedKey to any pre-shared key you want.


You can change the ip range to maybe as you want.


Configure ip forwarding


run commands


run commands

Reload services

run commands

Amazon EC2

If you're using Amazon EC2, you need to add new inbound rules to the security group.

Custom TCP rule; Port range: 1723; Source:;
Custom TCP rule; Port range: 500; Source:;

Custom UDP rule; Port range: 500; Source:;
Custom UDP rule; Port range: 1701; Source:;
Custom UDP rule; Port range: 4500; Source:;

More on iptables

Full list of iptables rules: (Originally from, L2TP related rules added)

And, says:

L2TP is totally insecure, and must NOT be accessible outside the IPsec connection
Use iptables to block all L2TP connections outside the IPsec layer:
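
One way to express this restriction, as an added example that is not code from the original post or from Openswan: the iptables `policy` match accepts UDP 1701 only for packets that arrived through an IPsec policy, and a small audit of `iptables-save` output confirms the gate is in place. It assumes the kernel's NETKEY IPsec stack; the function names and the sample rule set are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Sample rule sets are constructed.

# Rules (iptables-restore syntax): accept L2TP only when the packet arrived
# through an IPsec policy, drop every other packet to UDP 1701.
# To apply as root: l2tp_rules | while read -r r; do iptables $r; done
l2tp_rules() {
cat <<'EOF'
-A INPUT -p udp -m udp --dport 1701 -m policy --dir in --pol ipsec -j ACCEPT
-A INPUT -p udp -m udp --dport 1701 -j DROP
EOF
}

# Audit `iptables-save` output on stdin; first matching rule wins, as in netfilter.
# Prints: ok (IPsec-only), blocked (no L2TP at all) or exposed (cleartext L2TP reachable).
# Simplification: only INPUT rules that name --dport 1701 are inspected.
audit_l2tp() {
awk '
/^:INPUT / { policy = $2 }
/^-A INPUT / && /-p udp/ && /--dport 1701( |$)/ {
    ipsec  = ($0 ~ /-m policy/ && $0 ~ /--pol ipsec/)
    accept = ($0 ~ /-j ACCEPT/)
    deny   = ($0 ~ /-j (DROP|REJECT)/)
    if (accept && !ipsec) { exposed = 1; exit }
    if (deny && !ipsec)   { blocked = 1; exit }
    if (accept && ipsec)  gated = 1
}
END {
    if (exposed || (!blocked && policy != "DROP")) print "exposed"
    else print (gated ? "ok" : "blocked")
}'
}

# Constructed sample: a server that accepts L2TP from anyone.
sample_open() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -p udp -m udp --dport 500 -j ACCEPT
-A INPUT -p udp -m udp --dport 4500 -j ACCEPT
-A INPUT -p udp -m udp --dport 1701 -j ACCEPT
COMMIT
EOF
}

echo "proposed rules: $(l2tp_rules | audit_l2tp)"
echo "open sample:    $(sample_open | audit_l2tp)"
```

On a live server, `iptables-save | audit_l2tp` (run as root after sourcing the functions) applies the same check to the running rule set.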
