[Openswan Users] IPSEC over DHCP

Paul Wouters paul at xelerance.com
Wed Sep 14 11:02:36 EDT 2011

On Wed, 14 Sep 2011, heta shah wrote:

> Anyone tell me how to configure IPSEC/L2TP over DHCP in ubuntu server for
> roadwarries client to connect to the server. If any document for that
> then please share with me.

There is no DHCP when using L2TP.

If you use xl2tpd, you can do IP assignment using /etc/ppp/chap-secrets
or you can use a pppd radius/ldap plugin to talk to a backend handing out
IP addresses.

Example xl2tpd IP handout:


listen-addr =
ipsec saref = yes
debug tunnel = yes

[lns default]
ip range =
local ip =
require chap = yes
refuse pap = yes
require authentication = yes
name = OpenswanVPN
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes


# Secrets for authentication using PAP
# client	server	secret			IP addresses
# paul gets static IP - outside the xl2tpd pool
paul           *       "password"    
*               paul   "password"    
# test gets IP from pool
test           *       "password"   
*              test   "password"    


More information about the Users mailing list