Waste few hours to configure L2TP VPN on Debian. To reduce Googling time when I need to do it again.

Found some almost correct ways on following links:

Few things need modify:

use ipsec up/down to control IPsec tunnel
use correct pipeline when start L2TP connection:
$ sudo ipsec up vpn-name



$ echo "c vpn-name " | sudo tee /var/run/xl2tpd/l2tp-control

And use ike-scan to find VPN server’s supported protocols. Debug using https://doc.pfsense.org/index.php/IPsec_Troubleshooting if IPSec tunnel can’t be establish.