L2TP connection with iPhone and Astaro Security Gateway

  • Article ID: 115298
  • Rating:
  • 2 customers rated this article 1.0 out of 6
  • Updated: 29 May 2012

This guide will assist you to configure a L2TP connection between Astaro Security Gateway and an iPhone.

User creation

First you have to create a user which should be able to establish a L2TP connection over his iPhone. This can be done at the webadmin Users > Users 

Enduser Portal

Next you have to enable the enduser portal at management > user portal Note - If PSK is not set for L2TP there will be no installation button available within the enduser portal. 


Global tab

Enable the portal over the enable button

allowed networks = any to allow the iphone to access this portal from external
allowed only specific user = the user you create at step 1

Advanced tab

language = language of the portal you want to user
hostname = override the hostname of the asg if it's not reachable from external
port = specify the port how the portal is reachable = 3. L2TP settings = configure your pptp settings at Remote Access > L2TP

Global tab

enable the L2TP over the enable button
authenticate = local because you want to user local users from step 1
assign ip = here you can choose between the l2tp pool of the astaro or a dhcp server

iphone tab

if the hostname is not reachable from external please enter a FQDN which is reachable from external.

Advanced tab

here you can configure the encryption strength of the L2TP connection or enable debug for more details in the logfiles 

Configure the iPhone

 Now you can browse the enuser portal over you Iphone and do following steps: 

  • Authenticate at the enduser portal 
  • Go to the tab remote access 
  • Press the install button of the iphone vpn configuration 
  • Following the instructions oft he install menu 
  • Now you can enable the vpn tunnel over the menu at settings > VPN 

Remove vpn settings from iPhone

To remove the vpn configuration please do this steps: go to settings > common profile The vpn package is listed there with a delete button. If you use this button all vpn profiles (l2tp, pptp and ipsec) are removed.

If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent