How to Setup an L2TP/IPsec VPN Client on Linux

L2TP (which stands for Layer 2 Tunneling Protocol) is a tunneling protocol designed to support virtual private networks (VPN connections) over the internet. It is implemented in most if not all modern operating systems including Linux and VPN-capable devices.

The L2TP does not provide any authentication or encryption mechanisms directly to traffic that passes through it, it is usually implemented with the IPsec authentication suite (L2TP/IPsec) to provide encryption within the L2TP tunnel.

In this article, we will show how to set up an L2TP/IPSec VPN connection in Ubuntu and its derivatives and Fedora Linux.

This guide assumes that the L2TP/IPsec VPN server has been set up and that you have received the following VPN connection details from your organization’s or company’s system administrator.

Gateway IP address or hostname
Username and Password
Pre-shared Key (Secret)

How to Setup L2TP VPN Connection in Linux

To add an L2TP/IPsec option to the NetworkManager, you need to install the NetworkManager-l2tp VPN plugin which supports NetworkManager 1.8 and later. It provides support for L2TP and L2TP/IPsec.

To install the L2TP module on Ubuntu and Ubuntu-based Linux distributions, use the following PPA.

$ sudo add-apt-repository ppa:nm-l2tp/network-manager-l2tp
$ sudo apt-get update
$ sudo apt-get install network-manager-l2tp  network-manager-l2tp-gnome

On RHEL/CentOS and Fedora Linux, use the following dnf command to install L2TP module.

# dnf install xl2tpd
# dnf install NetworkManager-l2tp
# dnf install NetworkManager-l2tp-gnome
OR
# yum install xl2tpd
# yum install NetworkManager-l2tp
# yum install NetworkManager-l2tp-gnome

Once the package installation is complete, click on your Network Manager icon, then go to Network Settings.

Access Network Settings

Access Network Settings

Next, add a new VPN connection by clicking on the (+) sign.

Add New VPN Connection

Add New VPN Connection

Then select Layer 2 Tunneling Protocol (L2TP) option from the pop-up window.

Select Layer 2 Tunneling Protocol

Select Layer 2 Tunneling Protocol

Next, enter the VPN connection details (gateway IP address or hostname, username and password) you received from the system administrator, in the following window.

Add VPN Details

Add VPN Details

Next, click IPsec Settings to enter the pre-shared key for the connection. Then enable IPsec tunnel to L2TP host, enter (or copy and paste the) the Pre-shared key and click Ok.

Add Pre-shared Key

Add Pre-shared Key

After that, click Add. Now your new VPN connection should be added.

VPN Connection Created

VPN Connection Created

Next, turn on the VPN connection to start using it. If the connection details are correct, the connection should be established successfully.

Enable VPN Connection

Enable VPN Connection

Enabled VPN Connection

Enabled VPN Connection

Last but not least, test if the VPN is working fine. You can check your computer’s public IP address to confirm this from a web browser: it should now point to the IP of the gateway.

Confirm Your VPN Connection

Confirm Your VPN Connection

That’s the end of this article. If you have any queries or thoughts to share, reach us via the feedback form below.

If You Appreciate What We Do Here On TecMint, You Should Consider:

TecMint is the fastest growing and most trusted community site for any kind of Linux Articles, Guides and Books on the web. Millions of people visit TecMint! to search or browse the thousands of published articles available FREELY to all.

If you like what you are reading, please consider buying us a coffee ( or 2 ) as a token of appreciation.

Support Us

We are thankful for your never ending support.

Aaron Kili

Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide
The Complete Linux System Administrator Bundle
Become an Ethical Hacker Bonus Bundle

You may also like...

6 Responses

  1. wffger says:

    Do you know how to set up IPsec/XAuth VPN client in Fedora 31?

  2. m says:

    Hi, connect to L2TP/IPsec from GUI is simple. But how can I connect to L2TP/IPsec from server without GUI?

  3. dragonmouth says:

    No, not in LINUX but in Ubuntu and Fedora-related distros only. Ubuntu and Fedora are not the alpha and omega of Linux. There are hundreds of other Linux distros that these instructions CANNOT be used for.

    I am not asking for you to provide setup instructions for all other distros. All I am asking for is ‘truth in advertising’. If the article is specific to Ubuntu and Fedora, say so in the title. Otherwise, you are wasting the time of the millions of people who use distros other than those in Ubuntu/Fedora families.

    I know that Tecmint would not intentionally give its articles click-bait titles.

Leave a Reply to wffger Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.