L2TP VPN server for OpenWrt?

I'd like to install a VPN server the supports L2TP connections as this is by default on Android and Windows devices.
What packages must I install for this? I wish to avoid other VPN servers that will require a client (Wireguard, OpenVPN, etc)

Wireguard is Layer 3; but it is compatible with Androd, as is OpenVPN. Both are available for install on OpenWrt, I personally recommend Wireguard.

opkg update
opkg install kmod-udptunnel4 kmod-udptunnel6 kmod-wireguard wireguard-tools wireguard luci-proto-wireguard luci-app-wireguard

Hope this helps.

1 Like

Thanks @lleachii, however I don't want to use additional clients but rather use embedded clients.


Ahhhh, I misread.

Have you seen:

1 Like

Openswan page states
"Out of Date - Package openswan No Longer Available"

While the other link points to a Chinese page.... shall I trust content? BTW, the Chinese seems containing stuff to configure a VPN client more than the server... Am I wrong?


I'm really not sure on what you're asking. Are you asking why OpenSwan isn't available any longer?

I cannot guess if the Wiki should be trusted by you or not. If you're going to pose such questions, I can only suggest you locate the person who last edited the pages - as this is a community-based effort.

Also, I'm not an expert in the Chinese language (hence a link to the translation). I don't just distrust information, simply because of the language it's written in. I generally trust the Wiki information, while attempting to understand for myself what steps I'm taking. I'm not sure if it's discussing more client or server, it's in Chinese. The English one provides a server and client setup, use it then.

Notwithstanding, if you want to run this:

  • Use an older version of OpenWrt that has it (not recommended and insecure)
  • Use a newer solution that's known-available on current OpenWrt; and install a simple Android app (you stated that you didn't want to do this)
  • Figure out why it's no longer available and compile it yourself (this will likely require software development skills on your part)
1 Like

you can try the libreswan, openswan successor, is preconfigured for l2tpd, you only have to change the psk and xl2ptd settings (internal ip and user/password) and of course the firewall


Works also as a server or only client?

is meant to be a server, but you can do both if you google a bit, xauth also.. you can find plenty of examples


I see that there's no prebuilt package, thus Libreswan must be downloaded from the original location. This gives 17mb data when expanded, my router free memory is less....

Ok, it looks like this package must be compiled!

1 Like

is available on master https://downloads.openwrt.org/snapshots/packages/
please use a trunk image ideally compile your own, read a bit, I don't think it takes more than 30 minutes to get an idea of what you have to do

1 Like

Softethervpn Is the way to go.... Easy to setup and runs good...

Also if your router have less than 17mb then... I think the VPN performance will be very poor...
Also nobody suggested strongswan...

1 Like

Strongswan could be an option although is IKEVx based.... As for the VPN it will be just one client connecting... Performance problems anyway?

Still I advice softethervpn for the easy configuration if you want to use just user password and sharedkey without the mess with the public and private certificate

Currently using it to connect to my home router when I'm outside. Works with windows and Android with no extra client.

Great stuff, the only drawback, there's no package for BCM47xx... correct?

don't know... did you check the package repository?

1 Like

Actually there's a release for lede 17.x, I am running 18.x. Could it work?

looks strange that it was compied for 17.x and not for 18.x

1 Like

What version are you running?