I configured L2TP with IPsec just as described in the wiki (https://wiki.vyos.net/wiki/L2TP_Remote_Access), but used outside-address 0.0.0.0 because I have dynamic IP's on my internet interfaces (via PPPoE).
Everything works nicely (on 1.2.0) except that on reboot the xl2tpd daemon isn't started at reboot and one has to manually start it with sudo systemctl start xl2tpd. (I've even tried to issue restart vpn without success.)
The configuration pertaining to VPN is:
set vpn ipsec auto-update '30' set vpn ipsec ipsec-interfaces interface 'pppoe0' set vpn ipsec nat-networks allowed-network 0.0.0.0/0 set vpn ipsec nat-traversal 'enable' set vpn l2tp remote-access authentication local-users username ... password '****' set vpn l2tp remote-access authentication local-users username bekomiko static-ip '****' set vpn l2tp remote-access authentication mode 'local' set vpn l2tp remote-access authentication require 'mschap-v2' set vpn l2tp remote-access client-ip-pool start '****' set vpn l2tp remote-access client-ip-pool stop '****' set vpn l2tp remote-access dns-servers server-1 '1.1.1.1' set vpn l2tp remote-access dns-servers server-2 '1.0.0.1' set vpn l2tp remote-access idle '1800' set vpn l2tp remote-access ipsec-settings authentication mode 'pre-shared-secret' set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret '****' set vpn l2tp remote-access ipsec-settings ike-lifetime '3600' set vpn l2tp remote-access ipsec-settings lifetime '3600' set vpn l2tp remote-access mtu '1400' set vpn l2tp remote-access outside-address '0.0.0.0'