Our goal is to setup a connection (client) between two networks over L2TP. Generally traffic moves faster over PPTP, but L2TP VPNs are more secure.
We had received the connection detail directives from VPN Admin:
Authentication: PSK (password)
Encryption Method: IKEv1/IKEv2
Encryption Suite: AES-256 / SHA-256
Aggressive Mode: no
We had also IPv4 address of VPN gateway (184.108.40.206) and the internal network (172.25.193.0/23). On our side we have public IPv4 address (220.127.116.11) and our internal network (192.168.34.0/24).
On Debian 10 we need to install strongswan. And the example config file:
config setup charondebug="ike 2, knl 2, cfg 2, chd 2, dmn 2, mgr 2, job 2, net 2, enc 2, lib 2" conn %default ikelifetime=60m keylife=1440m rekeymargin=3m keyingtries=1 keyexchange=ikev1 authby=secret mobike=no ike=aes256-sha2_256-modp2048! esp=aes256-sha2_256! conn vpn1 aggressive=no auto=add left=18.104.22.168 leftsubnet=172.25.193.0/23 right=22.214.171.124 rightsubnet=192.168.34.0/24
The file /etc/ipsec.secrets contains the password:
126.96.36.199 188.8.131.52 : PSK "Top_SeCrEt-pAsSwOrD"
Now we can restart strongswan, and try our config:
# ipsec up vpn1