So I have spent the better part of the weekend trying to setup an L2TP VPN on my EdgeRouter Lite. I had a PPTP connection that worked great but I guess Mac OS Sierra no longer supports PPTP. I have found several guides on configuration including this one - https://help.ubnt.com/hc/en-us/articles/204959404-EdgeMAX-Set-up-L2TP-over-IPsec-VPN-server - but cant get it to work. My iPad VPN connection keeps returning the error "The L2TP-VPN Server did not respond..."
My setup briefly is:
eth0 - WAN (with DHCP, not a static IP)
eth 1 - LAN 192.168.1.1/24
eth 1.20 - VLAN 10.21.32.1/24
eth 2 - LAN 2 - 192.168.2.1/24 (not used)
I'd like to get my VPN-connected computer on my primary LAN (192.168.1.1/24). DHCP range for this LAN is 192.168.1.10 to 192.168.1.239.
Most of the L2TP looks easy/straight-forward for me. My questions are:
1. Pool Address: For the pool range, should I use a range within the numbers being assigned by the DHCP server (10-239) or outside (i.e., 240-250)? Some of the guides say it shouldnt conflict but I am not sure how to read this.
2. Outside Address and Next Hop: Since a dynamic IP is received from my ISP, I used "set vpn l2tp remote-access dhcp-interface eth0" - is that right or do I have to set an outside address?
3. Allowed Network: I have it set to 0.0.0.0/0. Is that right?
4. Firewall Policies: I am using:
IKE - UDP port 500
L2TP - UDP port 1701
ESP - protocol 50
NAT-T - UDP port 4500 (if using NAT-T)
5. VPN Client Setup: For the Server field, I have tried using both my public IP number and my dyndns domain name (in each case without the http://). I'd prefer using dyndns of course because of my dynamic IP from the ISP.
I know this is a long post but I would appreciate your help and this post would probably help others too.
Thank you.