Enabling L2TP over IPSec on Ubuntu 16.04

Ubuntu has stopped shipping L2TP over IPSec support for Ubuntu since Precise. A workaround for this exists using network-manager-l2tp.

Update (23 Oct 2017) - Many users of Ubuntu 17.xx have reported it to be working as is, and some needed more hacks to get it running. If the Using PPA - Update (29 Mar 2017) does not work for you, there are plenty of hacks specific for different Linux distributions that are available in the comments section by the amazing community here.

Using PPA - Update (29 Mar 2017)

network-manager-l2tp now exists in a PPA. You can install it using

sudo add-apt-repository ppa:nm-l2tp/network-manager-l2tp  
sudo apt-get update  
sudo apt-get install network-manager-l2tp  

Build from Source / Without using PPA

First you must install the prerequisites:

sudo apt install \  
intltool \  
libtool \  
network-manager-dev \  
libnm-util-dev \  
libnm-glib-dev \  
libnm-glib-vpn-dev \  
libnm-gtk-dev \  
libnm-dev \  
libnma-dev \  
ppp-dev \  
libdbus-glib-1-dev \  
libsecret-1-dev \  
libgtk-3-dev \  
libglib2.0-dev \  
xl2tpd \  
strongswan  

Then build the network manager again:

git clone https://github.com/nm-l2tp/network-manager-l2tp.git  
cd network-manager-l2tp  
autoreconf -fi  
intltoolize  

Make sure no errors have occurred.

Configure the build:

./configure \
  --disable-static --prefix=/usr \
  --sysconfdir=/etc --libdir=/usr/lib/x86_64-linux-gnu \
  --libexecdir=/usr/lib/NetworkManager \
  --localstatedir=/var \
  --with-pppd-plugin-dir=/usr/lib/pppd/2.4.7

Make sure no errors occurred.

Then make it:

make  
sudo make install  

Remove AppArmor settings for IPSec:

sudo apparmor_parser -R /etc/apparmor.d/usr.lib.ipsec.charon  
sudo apparmor_parser -R /etc/apparmor.d/usr.lib.ipsec.stroke  

Replace x2ltpd with libpcap:

sudo apt remove xl2tpd  
sudo apt install libpcap0.8-dev

wget https://github.com/xelerance/xl2tpd/archive/v1.3.6/xl2tpd-1.3.6.tar.gz  
tar xvzf xl2tpd-1.3.6.tar.gz  
cd xl2tpd-1.3.6  
make  
sudo make install  

Now restart your machine.

Network Manager should now have an option to use a L2TP VPN connection.

Zaid Daba'een

A traveller and an entrepreneur. Making wireless charging smart. UK Exceptional Talent. Interned at @NASA.