1.1 KiB
l2tp-over-wireguard
Configuration files for setting up a two-site LAN using L2TP carried by WireGuard
Why?
WireGuard provides a fast and secure VPN tunnel, which allows unsecure L2TPv3 traffic to travel cross-site securely. Having a VPN tunnel also lets us use the slimmer IP encapsulation of L2TPv3 rather than UDP, since NAT traversal is no longer an issue.
Note
Make sure to generate new public, private and pre-shared keys for your own deployment. Keys were included in this repository for testing purposes (like with GNS3).
Example Topology
This configuration has been tested in GNS3, and all of the configuration's default values reflect this topology.
The main-site files are for the Debian host 'Wireguard-Peer-Main', while off-site contains the configurations for 'Wireguard-Peer-Remote'. main-site also contains a basic configuration of ISC DHCP Server, to show that devices on the off-site recieve addresses from the main site's DHCP server (demonstrating L2 transfer).