In this paper we will configure Vyatta(Core 6.2) as an L2TP/IPsec server with certificate authentication for IKE Main Mode using for the PKI part XCA.
We will do so per my previous article Using XCA to configure the PKI part needed for L2TP/IPsec VPN connections using certificates for IKE main mode authentification.
So first make sure you follow the steps from there in order to create a CA and issue certificates for the L2TP/IPsec VPN server and clients.
Per the mentioned paper, I have prepared within a folder on a Windows 7 machine the following files: CA certificate, client certificate(this will be used on the L2TP/IPsec VPN client machine), server certificate and private key and CRL file.
Read more ...