L2TP over IPsec VPN from macOS to Vigor Router

This article demonstrates how to set up Vigor Router as a VPN server for L2TP over IPsec VPN and how to start the VPN from macOS.

Setup on Vigor Router

DrayOS Linux

1. Make sure the router is connected to the Internet. Keep in mind the router's WAN IP or domain name.

2. Go to VPN and Remote Access >> Remote Access Control Setup to make sure "Enable IPsec VPN Service" and "Enable L2TP VPN Service" are checked.

a screenshot of DrayOS Remote Access Control Setup

3. Go to VPN and Remote Access >> IPsec General Setup, enter and confirm the Pre-Shared Key, then click OK.　

4. Go to VPN and Remote Access >> Remote Dial-in User, click on an index available to create a new account:

Enable this account,
enable "L2TP with IPSec" for Allowed Dial-in Type and select "Must" for IPsec Policy,
enter User Name and Password,
click OK to save.

5. If the VPN user is online, you will see VPN connection status at VPN and Remote Access >> Connection Management.

Connecting VPN from macOS

1. Go to System Preferences >> Network.

2. Click + to add a new network and edit the profile as follows:

Select VPN for Interface
Select "L2TP over IPSec" for VPN Type
Enter a Service Name
Click Create.

3. Enter Server Address as the WAN IP of the router and Account Name as the username in the router's user profile. Then, click Authentication Settings.

4. Select "Password" for User Authentication and enter the password in the user profile. For Machine Authentication, select "Shared Secret" and enter the pre-shared key set in the router's IPsec General Setup.