L2TP VPN connection

Hi all,

I have a GL.Inet GL-A1300. I need to connect to a VPN server using L2TP. I followed this guide: Supporting L2TP and PPTP in firmware 3.203 to add L2TP functionality to my router. If I try to create a new interface then I can see L2TP as an option so I guess something worked. But how do I set up a connection? In the GUI I only see options for WireGuard and OpenVPN. And I can use both of these protocols just fine but my own VPN server can only be configured to use L2TP…
Help is much appreciated!

Thanks
/M

L2TP isn’t a safe protocol for VPN because it’s not for encrypting traffic. You will need IPsec as well, which opens up an entirely new space of complexity.

If it’s somehow possible, you should get rid of both - it won’t be much fun to implement it using OpenWrt because it’s not supported in an easy way (like a GUI for example).

Thanks. I understand the shortcomings of L2TP. However, that is the only option that I have just now. Unless I buy a new router… I have a Ubiquiti USG as my primary router. But if it isn’t possible then so be it. I just don’t understand why you even have the option to install the l2tpd package if this is the case.

Pretty sure you can use L2TP (+ IPsec) with OpenWrt - but maybe not with a nice GUI.
Might be beyond the scope of this forum.

Even Ubiquiti recommends switching to a modern VPN like WireGuard.

Having said this, it should be possible to configure xl2tp to connect. I added the packages and from the LuCI admin page Network->Interfaces I can add a new L2TP interface on the WAN interface and see the options to enter the address for the L2TP server and the user name and password.

If that doesn’t work for you, it’s been maybe 25 years since I have used this protocol, and I might have too many cobwebs in the way to remember what to do. I would recommend replacing that old Ubiquiti gateway with something more modern if at all possible.

1 Like

I tried it. But I think that the issue is that I can’t specify a pre-shared key in the settings. At least I don’t seem to be able to connect… OK, I guess I need to find another way to reach my home network.

If you are using a PSK, then the protocol may be L2TP over IPsec? If so, this would be a secure VPN even by today’s standards. Can you share a link to the documentation for your Ubiquiti gateway?

This is not documentation per se. But it describes what I have done.

Thanks
/M

Thanks. This confirms that the VPN is L2TP/IPsec, which can still be a secure tunnel, depending on the ciphers supported on the server. To configure an OpenWrt client, you would need to install and configure the strongSwan packages. I am familiar with strongSwan in general, but I have not done it in OpenWrt. I am guessing here, but I think that you would need to first configure IPsec and then L2TP. Here is the OpenWrt documentation. This may not be all the information you need, but it would be a start if you decide to tackle the project.

https://openwrt.org/docs/guide-user/services/vpn/strongswan/start

1 Like
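
The IPsec half that the last reply describes, sketched as a strongSwan `swanctl.conf` for an L2TP/IPsec client. This is an added example, not configuration from any poster or from the OpenWrt documentation; it assumes the server uses IKEv1 with a pre-shared key, and `vpn.example.net` and the secret are placeholders.

```conf
# /etc/swanctl/swanctl.conf  (added example; host name and PSK are placeholders)
connections {
    l2tp-home {
        version = 1                      # assumption: server speaks IKEv1
        remote_addrs = vpn.example.net   # placeholder for the VPN server address
        # If the server only accepts algorithms outside strongSwan's defaults,
        # set "proposals" here and "esp_proposals" in the child to match it.
        local {
            auth = psk
        }
        remote {
            auth = psk
        }
        children {
            l2tp {
                # Transport mode: protect only the L2TP packets (UDP 1701)
                # exchanged between this router and the server.
                mode = transport
                local_ts = dynamic[udp/1701]
                remote_ts = dynamic[udp/1701]
                start_action = start     # negotiate as soon as the config loads
            }
        }
    }
}

secrets {
    ike-home {
        # The pre-shared key lives here, not in the L2TP interface settings.
        secret = "REPLACE_WITH_PRE_SHARED_KEY"
    }
}
```

Load it with `swanctl --load-all` and confirm with `swanctl --list-sas` that the transport-mode SA for UDP 1701 is established before bringing up the L2TP interface, so the L2TP session never runs outside IPsec.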