I have a VPS running Ubuntu Server 20.04 that needs to monitor hundreds of machines on a remote network using Zabbix. This network can be remotely accessed via an L2TP over IPSEC VPN. This responder VPN server implementation is Windows.
I would rather NOT use Gnome unless strictly necessary (although I know it would be the least painful way to go) to avoid using up space on the VPS.
After spending several hours researching, I learned I could use the command line for Network Manager for this, however I cannot find any specific docs about how to use L2TP over IPSEC from the command line with nmcli. I am assuming something in the lines of
nmcli connection add connectionid myvpn type l2tp ... is the right way to create the connection, but I cannot find a reference to know all parameters I need to add. Also this connection will need to add the Routes automatically every time it gets connected. I know how to do this easily with the GUI, but I don't know how to implement this with the command line either. Also the connection should be re-established if lost, but I guess for this I will need a service, cronjob or similar (I am open to suggestions).
On the other hand side, I could use strongswan directly with the ipsec.conf files or with strongswan-swanctl plugin and just create the configs on /etc/swanctl.conf and manage from there. However it's not clear to me if the examples covered in Strongswan.org for l2tp would need some changes to work best with Windows VPN Servers... I know for sure that the Network Manager GUI with network-manager-l2tp-gnome works fine for this VPN cause have been using it on Ubuntu VMs for long time.
What would you guys recommend for this case? NetworkManager or Strongswan? What would be the best way to keep the VPN connection always up even in case of disconnections?
Thanks for your recommendations in advance!