Client for L2TP/IPSec protocol
Client for L2TP/IPSec protocol
You're likely encountering few references since OpenVPN now dominates Linux client/server VPN setups. It might be worth opting for OpenVPN for more resources and examples. Unless your Ubuntu client is functioning as a router, L2TP probably isn't the better choice compared to OpenVPN. I'm sorry I can't give a direct answer—I haven't tested this myself and don't know which tools are available. Did you install any packages to configure the server? Their documentation may include client examples. If not, you'll likely need to follow similar steps on the client side, adjusting it as necessary.
My Ubuntu server is functioning as a router, allowing both my server and client to share network visibility. The client connects to the server's subnet and appears to operate as if they were on that same network. This setup isn't a private VPN subnet but resembles a point-to-point connection. The server can view the client's IP addresses while the client sees the server's subnets. I'm new to OpenVPN and more accustomed to understanding L2TP, which is why I'm struggling with this configuration. I used a package for the setup, but the only documentation provided was for GUI clients, not CLI users.
I understand you're aiming to establish a routeable VPN connection. If your intention is to set up a tunnel, GRE or L2TP (both using IPSec) would be suitable options. For a single AWS server, basic IPSec could suffice. OpenVPN simplifies routing but isn't ideal for direct site-to-site communication—it works well for NAT-based remote access rather than true inter-site routing. Unfortunately, I don’t have concrete examples for configuring Ubuntu as a router with VPN. The article you found seems trustworthy enough to follow, though it’s outdated and not tailored specifically to Ubuntu. You might adjust the instructions based on your setup. Once the VPN is active, you’ll need to configure a static route on your AWS server so it routes traffic through the VPN client address to reach your local network.
You might want to explore the fastd package. It’s simple to use for configuring site-to-site VPNs. It’s lightweight and CLI-driven. I’ve installed it on my Merlin ASUS routers at both homes to create a tunnel between them. It functions flawlessly. One house uses 192.168.1.0, the other 192.168.2.0, allowing all devices to communicate directly—just like a corporate network. For some time I paired it with BIRD to enable OSPF dynamic routing (unnecessary for just two sites, but it satisfied my technical side). Eventually I disabled that and switched to static routing. fastd makes it easy to add static routes automatically when the tunnel connects, eliminating the need to manually configure kernel routes.