USP

LARC - Laboratório de Arquitetura e Redes de Computadores

Configuração - Serviço VPN L2TP/IPSec

Para realizar a configuração da VPN do LARC baseada no protocolo L2TP/IPSec, utilize os seguintes parâmetros:

  • servidor: 143.107.111.206
  • tipo: L2TP sobre IPSec
  • usuário: a ser passado pelos administradores da rede (não é necessário colocar @larc.usp.br)
  • shared secret (ou Preshared Key - PSK): a ser passada pelos administradores da rede

As instruções específicas para as diversas plataformas encontram-se detalhadas abaixo (as instruções foram baseadas no trabalho de Lin Song e Joshua Lund - projeto Streisand, sob licença Creative Commons, e encontra-se em refinamento/tradução).

  • Windows 10 & 8.x
  • Windows 7
  • OS X
  • Android
  • IOS
  • Linux

Windows 10 and 8.x

  1. Right-click on the wireless/network icon in your system tray.
  2. Select Open Network and Sharing Center. Or, if using Windows 10 version 1709 or newer, select Open Network & Internet settings, then on the page that opens, click Network and Sharing Center.
  3. Click Set up a new connection or network.
  4. Select Connect to a workplace and click Next.
  5. Click Use my Internet connection (VPN).
  6. Enter Your VPN Server IP in the Internet address field.
  7. Enter anything you like in the Destination name field, and then click Create.
  8. Return to Network and Sharing Center. On the left, click Change adapter settings.
  9. Right-click on the new VPN entry and choose Properties.
  10. Click the Security tab. Select "Layer 2 Tunneling Protocol with IPsec (L2TP/IPSec)" for the Type of VPN.
  11. Click Allow these protocols. Check the "Challenge Handshake Authentication Protocol (CHAP)" and "Microsoft CHAP Version 2 (MS-CHAP v2)" checkboxes.
  12. Click the Advanced settings button.
  13. Select Use preshared key for authentication and enter Your VPN IPsec PSK for the Key.
  14. Click OK to close the Advanced settings.
  15. Click OK to save the VPN connection details.

Windows 7, Vista and XP

  1. Click on the Start Menu and go to the Control Panel.
  2. Go to the Network and Internet section.
  3. Click Network and Sharing Center.
  4. Click Set up a new connection or network.
  5. Select Connect to a workplace and click Next.
  6. Click Use my Internet connection (VPN).
  7. Enter Your VPN Server IP in the Internet address field.
  8. Enter anything you like in the Destination name field.
  9. Check the Don't connect now; just set it up so I can connect later checkbox.
  10. Click Next.
  11. Enter Your VPN Username in the User name field.
  12. Enter Your VPN Password in the Password field.
  13. Check the Remember this password checkbox.
  14. Click Create, and then Close.
  15. Return to Network and Sharing Center. On the left, click Change adapter settings.
  16. Right-click on the new VPN entry and choose Properties.
  17. Click the Options tab and uncheck Include Windows logon domain.
  18. Click the Security tab. Select "Layer 2 Tunneling Protocol with IPsec (L2TP/IPSec)" for the Type of VPN.
  19. Click Allow these protocols. Check the "Challenge Handshake Authentication Protocol (CHAP)" and "Microsoft CHAP Version 2 (MS-CHAP v2)" checkboxes.
  20. Click the Advanced settings button.
  21. Select Use preshared key for authentication and enter Your VPN IPsec PSK for the Key.
  22. Click OK to close the Advanced settings.
  23. Click OK to save the VPN connection details.

OS X

  1. Open System Preferences and go to the Network section.
  2. Click the + button in the lower-left corner of the window.
  3. Select VPN from the Interface drop-down menu.
  4. Select L2TP over IPSec from the VPN Type drop-down menu.
  5. Enter anything you like for the Service Name.
  6. Click Create.
  7. Enter Your VPN Server IP for the Server Address.
  8. Enter Your VPN Username for the Account Name.
  9. Click the Authentication Settings button.
  10. In the User Authentication section, select the Password radio button and enter Your VPN Password.
  11. In the Machine Authentication section, select the Shared Secret radio button and enter Your VPN IPsec PSK.
  12. Click OK.
  13. Check the Show VPN status in menu bar checkbox.
  14. (Important) Click the Advanced button and make sure the Send all traffic over VPN connection checkbox is checked.
  15. Click the TCP/IP tab, and make sure Link-local only is selected in the Configure IPv6 section.
  16. Click OK to close the Advanced settings, and then click Apply to save the VPN connection information.

To connect to the VPN: Use the menu bar icon, or go to the Network section of System Preferences, select the VPN and choose Connect. You can verify that your traffic is being routed properly by looking up your IP address on Google. It should say "Your public IP address is Your VPN Server IP".

Android

  1. Launch the Settings application.
  2. Tap More... in the Wireless & Networks section.
  3. Tap VPN.
  4. Tap Add VPN Profile or the + icon at top-right of screen.
  5. Enter anything you like in the Name field.
  6. Select L2TP/IPSec PSK in the Type drop-down menu.
  7. Enter Your VPN Server IP in the Server address field.
  8. Enter Your VPN IPsec PSK in the IPSec pre-shared key field.
  9. Tap Save.
  10. Tap the new VPN connection.
  11. Enter Your VPN Username in the Username field.
  12. Enter Your VPN Password in the Password field.
  13. Check the Save account information checkbox.
  14. Tap Connect.

Once connected, you will see a VPN icon in the notification bar. You can verify that your traffic is being routed properly by looking up your IP address on Google. It should say "Your public IP address is Your VPN Server IP".

iOS

  1. Go to Settings -> General -> VPN.
  2. Tap Add VPN Configuration....
  3. Tap Type. Select L2TP and go back.
  4. Tap Description and enter anything you like.
  5. Tap Server and enter Your VPN Server IP.
  6. Tap Account and enter Your VPN Username.
  7. Tap Password and enter Your VPN Password.
  8. Tap Secret and enter Your VPN IPsec PSK.
  9. Make sure the Send All Traffic switch is ON.
  10. Tap Done.
  11. Slide the VPN switch ON.

Once connected, you will see a VPN icon in the status bar. You can verify that your traffic is being routed properly by looking up your IP address on Google. It should say "Your public IP address is Your VPN Server IP".

Ubuntu Linux

Ubuntu 18.04 (and newer) users can install thenetwork-manager-l2tp e network-manager-l2tp-gnome packages, then configure the IPsec/L2TP VPN client using the GUI. Ubuntu 16.04 and 14.04 users may need to add the nm-l2tp PPA, read more here.

  1. Go to Settings -> Network -> VPN. Click the + button.
  2. Select Layer 2 Tunneling Protocol (L2TP).
  3. Enter anything you like in the Name field.
  4. Enter Your VPN Server IP for the Gateway.
  5. Enter Your VPN Username for the User name.
  6. Right-click the ? in the Password field, select Store the password only for this user.
  7. Enter Your VPN Password for the Password.
  8. Leave the NT Domain field blank.
  9. Click the IPsec Settings... button.
  10. Check the Enable IPsec tunnel to L2TP host checkbox.
  11. Leave the Gateway ID field blank.
  12. Enter Your VPN IPsec PSK for the Pre-shared key.
  13. Expand the Advanced section.
  14. Click OK, then click Add to save the VPN connection information.
  15. Turn the VPN switch ON.

Once connected, you can verify that your traffic is being routed properly by looking up your IP address on Google. It should say "Your public IP address is Your VPN Server IP"

Copyright © LARC

LARC – Laboratório de Arquitetura e Redes de Computadores
Av. Prof. Luciano Gualberto, travessa 3, n.158, sala C1-50 [mapa]
Edifício Engenharia Elétrica – Bloco C
CEP 05508-010

 

Telefone: +55 11 3091-2961