===Setup===

Install the packages first as root user:

====Configure Openswan====

*Edit '''''/etc/ipsec.conf''''' with your favorite editor and update as follows ('''NOTE:''' Replace the ''{HDA IP Address}'' i.e. 192.168.0.10 and xxx.xxx.xxx.xxx/24 i.e. 192.168.0.0/24 with the correct IP addresses for your network):

protostack=netkey

nat_traversal=yes

leftprotoport=17/1701

right=%any

* Add the following to '''''/etc/ipsec.d/hda.secrets''''':

* Edit '''''/etc/sysctl.conf''''' and add following to the file:

net.ipv4.conf.default.accept_redirects = 0

* In the same file, disable the following by adding a #:

<nowiki>#</nowiki>net.bridge.bridge-nf-call-iptables = 0

* To enable changes, do the following:

* Create '''''/usr/bin/zl2tpset''''' and add the following:

for each in /proc/sys/net/ipv4/conf/*"

do

echo 0 > \$each/accept_redirects

echo 0 > \$each/send_redirects

* Make it executable

* Add the following to '''''/etc/rc.local''''' so this script runs on boot:

* To verify everything is set correctly, do the following:

* Edit '''''/etc/xl2tpd/xl2tpd.conf''''' and update to reflect as follows:

'''NOTE:''' The IP range is outside an actively used IP range. For example if your DHCP server assigns IPs between 192.168.10.10 and 192.168.10.100 you can use 192.168.10.150-192.168.10.200. Also, xl2tpd needs a local IP which is used for communication with PPP. Given example, you could use 192.168.10.101.

ipsec saref = no

ppp debug = yes

pppoptfile = /etc/ppp/options.xl2tpd

====Configure PPP====

* Add following to '''''/etc/ppp/chap-secrets''''' (replace username and password accordingly):

* Check '''''/etc/ppp/options.xl2tpd''''' to verify that all ''ms-dns'' entries point to the correct nameservers (the HDA).

*Start xl2tpd:

====Configure Router====

====Set Services to Start on Boot====

That's basically it, you can now setup your L2TP/IPsec VPN client and try to connect.