server
ipsec.conf
conn l2tp
esp=aes128-sha1
ike=aes128-sha1
authby=secret
rekey=yes
keyingtries=3
type=transport
rekey=no
left=%any
leftprotoport=udp/%any
right=%any
rightprotoport=udp/%any
auto=add
keyexchange=ikev1
xl2tpd.conf
[global]
port = 1701
access control = no
[lns default]
ip range = 10.10.1.2-10.10.1.10
local ip = 10.10.1.1
refuse pap = yes
require authentication = yes
name = l2tpd
pppoptfile = /etc/ppp/options.xl2tpd
;ppp debug = yes
length bit = yes
options.xl2tpd
require-mschap-v2
ms-dns 8.8.8.8
ms-dns 8.8.4.4
auth
mtu 1410
mru 1410
crtscts
modem
name l2tpd
proxyarp
lcp-echo-interval 30
lcp-echo-failure 4
client
conn ipsec
esp=aes128-sha1
ike=aes128-sha1
authby=secret
rekey=no
keyingtries=3
type=transport
rekey=no
left=%defaultroute
leftprotoport=udp/%any
right=##server-ip##
rightprotoport=udp/%any
auto=add
keyexchange=ikev1
xl2tpd configuration done by luci
/etc/config/network
config interface 'ipsec'
option proto 'l2tp'
option server '##server-ip##'
option username 'ipsecclient'
option password 'ipsecpass'
option peerdns '0'
option dns '8.8.8.8 8.8.4.4'
option defaultroute '1'
and don't forget to add PSK to /etc/ipsec.secrets and ppp user to /etc/ppp/chap-secrets
