gentoo l2tp ipsec client

Submitted by lepton on Wed, 05/23/2018 - 16:38


### Connect to an Ubuntu strongSwan + xl2tpd server

# Install the IKE/IPsec daemon (libreswan) and the L2TP daemon (xl2tpd) with Portage.
emerge libreswan xl2tpd

/etc/ipsec.d/xxx.conf

# Client-side IPsec policy for L2TP/IPsec: protects only UDP/L2TP traffic between
# this host and the server, in transport mode, authenticated with a pre-shared key.
# No ike=/esp= lines are given, so the proposals are whatever libreswan defaults to;
# pinning them to the strongest suite the server supports is worth considering.
conn xxx
    # Pre-shared key authentication; the key itself lives in the .secrets file.
    authby=secret
    # PFS is switched off for the IPsec SAs. Keep this only if the server
    # cannot negotiate PFS - TODO confirm against the server configuration.
    pfs=no
    # This side does not initiate rekeying; the server is expected to do it.
    rekey=no
    keyingtries=3
    # Transport mode: L2TP supplies the tunnel, IPsec only encrypts it.
    type=transport
    left=%defaultroute
    leftprotoport=udp/l2tp
    # Must match the ID used on the left of the PSK line in the .secrets file.
    leftid=@vpn.l2tp
    right=8.8.9.9 # server's public (internet) IP
    rightid=10.0.1.2 # presumably the ID the server presents (its private address) - confirm on the server
    rightprotoport=udp/l2tp
    # Loaded at start-up but not initiated; brought up by hand with "ipsec auto --up xxx".
    auto=add

 

/etc/ipsec.d/xxx.secrets

# Pre-shared key for the connection: local ID @vpn.l2tp, any peer (%any).
# Keep this file owned by root with mode 0600, and use a long random key -
# the PSK is the only thing authenticating the IPsec layer here.
@vpn.l2tp %any : PSK "******"

 

/etc/xl2tpd/xl2tpd.conf

; L2TP client (LAC) definition. xl2tpd does no encryption of its own; nothing in
; this file ties the session to IPsec, so the IPsec SA has to be up before
; "xl2tpd-control connect xxx" is run.
[lac xxx]
; Same server address as right= in the IPsec conn.
lns = 8.8.9.9
; Verbose PPP logging; switch off once the link works.
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes

 

/etc/ppp/options.l2tpd.client

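# pppd options for the L2TP client session started by xl2tpd.
# Accept the addresses the peer proposes, even though static ones are set below.
ipcp-accept-local
ipcp-accept-remote
# Only EAP is refused. If the server is known to use MS-CHAPv2, also refusing the
# weaker methods (refuse-pap, refuse-chap, refuse-mschap) keeps this client from
# answering them.
refuse-eap
# NOTE(review): require-mschap-v2 asks the peer to authenticate with MS-CHAPv2,
# while noauth below says the peer need not authenticate at all - confirm which
# of the two is intended. MS-CHAPv2 is weak on its own; here it is protected
# only by the IPsec transport SA underneath.
require-mschap-v2
noccp
noauth
# Drop the link after 1800 seconds without traffic.
idle 1800
# Reduced MTU/MRU to leave room for the L2TP and IPsec headers.
mtu 1410
mru 1410
# Do not replace the default route; only the route added by hand uses ppp0.
nodefaultroute
# Resolver addresses are taken from the peer, so the server is trusted for DNS.
usepeerdns
# Logs PPP control packets; remove once the link works.
debug
# Static local:remote addresses. Author's note: the server should use
# ipcp-accept-local and ipcp-accept-remote.
192.168.33.101:192.168.33.1
connect-delay 5000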

 

 

# Start the IPsec daemon first, then the L2TP daemon.
/etc/init.d/ipsec start

/etc/init.d/xl2tpd start

 

# Bring up the IPsec SA and confirm it is established (for example with
# "ipsec status") before dialling; L2TP itself is not encrypted.
ipsec auto --up xxx

xl2tpd-control  connect xxx

ifconfig # check that ppp0 exists and which addresses it received

# Split tunnel: only this subnet is routed through the VPN; all other traffic
# keeps using the normal default route.
route add -net 192.168.33.0/24 dev ppp0
