# Install strongSwan (IPsec/IKE daemon) and xl2tpd (L2TP daemon). Run as root.
apt-get install \
  strongswan \
  xl2tpd
/etc/xl2tpd/xl2tpd.conf
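; /etc/xl2tpd/xl2tpd.conf - L2TP network server (LNS) definition.
; One directive per line; xl2tpd parses this file line by line.
[lns default]
; Address pool handed out to connecting VPN clients.
; NOTE(review): keep this pool out of any DHCP range on the same LAN - confirm locally.
ip range = 192.168.11.128-192.168.11.254
; Server-side address of each PPP link.
local ip = 192.168.11.99
; pppd options for every session; PPP authentication is configured there,
; not in this file.
pppoptfile=/etc/ppp/options.l2tpd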
/etc/ppp/options.l2tpd
# /etc/ppp/options.l2tpd - pppd options for L2TP sessions.
# pppd splits options files into whitespace-delimited words, so one option
# per line is equivalent to the single-line form.

# DNS resolver pushed to clients.
ms-dns 8.8.8.8

# Reduced MTU/MRU, presumably to leave room for L2TP + IPsec encapsulation.
mtu 1358
mru 1358

# Accept MS-CHAPv2 only; refuse PAP, CHAP and MS-CHAPv1.
# MS-CHAPv2 is weak when it can be captured, so it should only ever be
# reachable inside the IPsec transport - see the firewall rule for UDP 1701.
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2

# Local name used for authentication; matches the server column ("xl2tpd")
# of the /etc/ppp/chap-secrets entry.
name xl2tpd
この2ファイルのパーミッションは644。なお、認証情報を含む /etc/ppp/chap-secrets と /etc/ipsec.secrets は 644 にせず、root のみ読み書き可能(600)にしておく。
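cat /etc/ppp/chap-secrets
"user" xl2tpd "password" *

cat /etc/ipsec.secrets
: PSK "secret"

(実運用では "user" / "password" / "secret" を推測されにくい値に置き換える。この PSK は接続元を限定せず全クライアントで共有されるため、長いランダム文字列にする。)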
/etc/ipsec.conf
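# /etc/ipsec.conf - IPsec side of the L2TP/IPsec (PSK) server.
# Section headers start in column 0; their parameters must be indented.

config setup
    # NOTE(review): virtual_private is an Openswan/pluto-era keyword; strongSwan 5.x
    # appears to treat it as deprecated and ignore it - confirm in the startup log.
    virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v4:100.64.0.0/10,%v6:fd00::/8,%v6:fe80::/10

# Going by its name, the variant for clients behind NAT. Everything not set
# here is inherited from L2TP-PSK-noNAT through also=.
conn L2TP-PSK-NAT
    # Dead peer detection: probe every 10 s, time out after 20 s, then drop the SA.
    dpddelay=10
    dpdtimeout=20
    dpdaction=clear
    rightsubnet=0.0.0.0/0
    also=L2TP-PSK-noNAT

conn L2TP-PSK-noNAT
    # Pre-shared-key authentication; the key is the PSK line in /etc/ipsec.secrets.
    authby=secret
    # NOTE(review): pfs= is a legacy keyword; in strongSwan 5.x PFS is reportedly
    # controlled by putting a DH group in an esp= proposal - confirm for this version.
    pfs=no
    # Load the connection and wait for clients; the server never initiates.
    auto=add
    keyingtries=3
    # The server does not start rekeying itself.
    rekey=no
    ikelifetime=8h
    keylife=1h
    # Transport mode: IPsec protects only the L2TP UDP flow selected below.
    type=transport
    left=%defaultroute
    # Protocol 17 = UDP; the server end is the L2TP port 1701.
    leftprotoport=17/1701
    # Any peer address and any client source port is accepted, so the PSK and
    # the PPP credentials are the only things that gate access.
    right=%any
    rightprotoport=17/%any
    # SHA-1 and the 1024-bit MODP group (DH group 2) are legacy choices, usually
    # kept only for older L2TP/IPsec clients. If all clients support it, list a
    # stronger proposal instead (for example sha256 with modp2048).
    # NOTE(review): without a trailing '!' strongSwan is documented to accept its
    # default proposals as well when responding - check the log for what is
    # actually negotiated.
    ike=aes256-sha1-modp1024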
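# Enable IPv4 forwarding persistently, presumably so VPN clients can reach
# networks beyond this host. The grep guard keeps repeated runs from
# appending the same line to /etc/sysctl.conf again.
grep -qxF 'net.ipv4.ip_forward = 1' /etc/sysctl.conf ||
  echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf

# Reload /etc/sysctl.conf so the setting applies without a reboot.
# Forwarding is host-wide: make sure the firewall's forward policy only
# passes traffic for the VPN address pool.
sysctl -p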
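ufwでUDPポート 1701(L2TP)、4500(NAT-T)、500(IKE)を許可。1701 を無条件に開けると IPsec を経由しない素の L2TP 接続も xl2tpd に届くため、可能であれば IPsec で保護された通信だけに限定する。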
サーバ再起動
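# Restart both daemons so the new configuration is loaded: IPsec first,
# then the L2TP daemon that runs on top of it.
# NOTE(review): the strongSwan unit name differs between releases (some ship
# it as strongswan-starter) - check with `systemctl list-units` if this fails.
systemctl restart strongswan
systemctl restart xl2tpd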