Support schedule

Monday to Friday 08:00 AM to 05:00 PM. (MET)
Please expect a maximum process time of 48 hours (during working week days)

 Most Popular
L2TP/IPSec and PPTP on Mac OS X
Posted by Uli Brügmann on 25 February 2013 12:16 PM

L2TP (Layer 2 Tunneling Protocol) with IPSec (Internet Protocol Security) and PPTP (Point to Point Tunneling Protocol) are VPN protocols for devices like Smartphones and Tablets as well as for operating systems like, in this case, Mac OS. Both protocols are already built in and do not need any additional software - but you should know, that PPTP has already been compromised and therefore should only be used, if none of the other options (L2TP/IPSec, OpenVPN or the CyberGhost client) is available.

 Please note!

To use L2TP/IPSec and/or PPTP on your device you need a Premium or Premium Plus subscription and a CyberGhost account. To see how to create a CyberGhost account inside the CyberGhost client, please consult this article. To see how to create an account without the client, read this article.

Step 1

Visit your CyberGhost VPN online account.

Log-in with your user data and click in the left sided menu on the entry 'Smart Phone, Tablets & Other Devices'.

Now click on 'Other Devices'.

Specify the protocol you want to use:

  • PPTP: Note to use this protocol just in case none of the other possibilities (L2TP/IPSec, OpenVPN or the CyberGhost Mac client) is available for your system or doesn't work. PPTP can't be considered safe anymore (but is still better than being completely unprotected). How to configure PPTP is shown below. It doesn't differ very much from configuring L2TP/IPSec.
  • L2TP: L2TP/IPSec is in terms of online security the number 2 (while OpenVPN is number 1). How to configure L2TP/IPSec on your Mac is shown in step 2

A L2TP or PPTP connection can naturally just be configured with exactly one server address. So the next thing to do is to choose the country you want to surf from (the server inside this country will be chosen automatically by CyberGhost as the most convenient server available). 


Now chose your platform, 'Mac OS' in this case.

Once done, note down the following data, which you will need to configure your L2TP or PPTP connection:

  • Server: This is the server address of the country you want to surf from.
  • Username: Your CyberGhost user name. 
  • Password: This is your password for your respective protocol usage. This password IS NOT your usual CyberGhost password but created solely for protocol usage.
  • Pre shared secret: L2TP connections need this additional password (NOT needed for PPTP connections)

Step 2

You start your Mac OS X L2TP/IPSec configuration by first moving to 'System Preferences' and then 'Network'.

In the next window click on the '+' sign in the lower left corner.

Now, select 'VPN'.

In the list of 'Interfaces', choose 'L2TP over IPSec' (or PPTP) as the 'VPN Type' and type in a name for your connection in the 'Service Name' field, e.g. 'VPN (L2TP)'. 'CyberGhost VPN' might come in handy as well ;-), but you might also want to choose a description or name which reflects the country of the server you want to surf from (e.g. ‘CyberGhost VPN US’).

Lastly, click on 'Create'.

Step 3

Now mark the new entry in your list of networks on the left side, enter the server address (e.g. '' for a L2TP connection or '' for PPTP connection) and your user name which is your usual CyberGhost account name, and click on 'Authentication Settings'.

Activate the option 'Password' (if not already highlighted) and enter the password that has been generated for you in your online account. DO NOT use your regular account password. 

Furthermore you need to type in a 'Shared Secret' which is the ‘Secret Key/PSK' you also noted before. In case of a PPTP connection this part is missing in the authentication dialog, for here you don't need a secret key. 

Click on 'OK' to validate your settings.

Now open the 'Advanced' section on the lower right side of the settings window.

On the 'Options' tab you make sure that all three options under 'Session' are activated. The first ones already are, the third one, 'Send all traffic over VPN', needs to be checked by you. Click on 'OK' to leave the dialog.

Again back in the settings window, check the 'Show VPN status in the menu bar' and click on 'Apply'.

When done you now should see your new VPN connection in the menu bar of your MAC.

Step 4

To connect to your CyberGhost L2TP/IPSec or PPTP based VPN, either click on 'Connect' in the 'Network' window ...

... or use the respective entry in the menu bar:

If you want to have a L2TP/IPSec or PPTP VPN connection for each country, CyberGhost operates server in, please repeat all steps for each of the other addresses CyberGhost provides you with, when choosing the country. 

 Please note!

Certain routers need you to activate the L2TP/IPSec protocol. How you can accomplish that task should be documented in your router's manual.

(18 vote(s))
This article was helpful
This article was not helpful

Comments (0)
© CyberGhost VPN