If you first configure and commit
set vpn ipsec interface 'eth0' commit
and then configure l2tp server
set vpn l2tp remote-access authentication local-users username alice password 'notsecure' set vpn l2tp remote-access authentication mode 'local' set vpn l2tp remote-access client-ip-pool test range '10.1.1.0/24' set vpn l2tp remote-access gateway-address '10.1.1.1' set vpn l2tp remote-access ipsec-settings authentication mode 'pre-shared-secret' set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret 'not-so-secret' set vpn l2tp remote-access outside-address '192.168.1.1'
IPSEC does not UP
vyos@vyos:~$ sudo swanctl -L vyos@vyos:~$
The same problem after deleting the l2tp configuration.
IPSEC configuration of L2tp stays in storngswan.
delete vpn l2tp commit
vyos@vyos:~$ sudo swanctl -L l2tp_remote_access: IKEv1/2, no reauthentication, rekeying every 3600s, dpd delay 15s local: 10.17.1.223 remote: %any local pre-shared key authentication: remote pre-shared key authentication: l2tp_remote_access_esp: TRANSPORT, rekeying every 3272s, dpd action is none local: dynamic[0/l2f] remote: dynamic