@grahamc is the last person I know that used l2tp. I think I was one of the first, and had lots of trouble getting it to work (but it ended up working). You can find some intel on the nixpkgs tracker and l2tp-networkmanager tracker.
I dont use it anymore but in my config I could salvage this:
services.strongswan = {
enable = true;
secrets = [
"ipsec.d/ipsec.nm-l2tp.secrets"
];
};