ok, the vpnd config looks like this:
/Library/Preferences/SystemConfiguration/com.apple.RemoteAccessServers.plist
=======================================================================
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>ActiveServers</key>
<array>
<string>com.apple.ppp.pptp</string>
<string>com.apple.ppp.l2tp</string>
</array>
<key>Servers</key>
<dict>
<key>com.apple.ppp.l2tp</key>
<dict>
<key>DNS</key>
<dict>
<key>OfferedSearchDomains</key>
<array/>
<key>OfferedServerAddresses</key>
<array>
<string>8.8.8.8</string>
<string>8.8.4.4</string>
</array>
</dict>
<key>IPv4</key>
<dict>
<key>ConfigMethod</key>
<string>Manual</string>
<key>DestAddressRanges</key>
<array>
<string>10.0.53.220</string>
<string>10.0.53.225</string>
</array>
</dict>
<key>Interface</key>
<dict>
<key>SubType</key>
<string>L2TP</string>
<key>Type</key>
<string>PPP</string>
</dict>
<key>L2TP</key>
<dict>
<key>IPSecSharedSecret</key>
<string>XXXXXXXXXXXX</string>
<key>Transport</key>
<string>IPSec</string>
</dict>
<key>PPP</key>
<dict>
<key>AuthenticatorProtocol</key>
<array>
<string>MSCHAP2</string>
</array>
<key>LCPEchoEnabled</key>
<integer>1</integer>
<key>LCPEchoFailure</key>
<integer>5</integer>
<key>LCPEchoInterval</key>
<integer>60</integer>
<key>Logfile</key>
<string>/var/log/ppp/vpnd.log</string>
<key>VerboseLogging</key>
<integer>1</integer>
</dict>
<key>Server</key>
<dict>
<key>Logfile</key>
<string>/var/log/ppp/vpnd.log</string>
<key>MaximumSessions</key>
<integer>128</integer>
<key>VerboseLogging</key>
<integer>1</integer>
</dict>
</dict>
<key>com.apple.ppp.pptp</key>
<dict>
<key>DNS</key>
<dict>
<key>OfferedSearchDomains</key>
<array/>
<key>OfferedServerAddresses</key>
<array>
<string>8.8.8.8</string>
<string>8.8.4.4</string>
</array>
</dict>
<key>IPv4</key>
<dict>
<key>ConfigMethod</key>
<string>Manual</string>
<key>DestAddressRanges</key>
<array>
<string>10.0.53.220</string>
<string>10.0.53.225</string>
</array>
</dict>
<key>Interface</key>
<dict>
<key>SubType</key>
<string>PPTP</string>
<key>Type</key>
<string>PPP</string>
</dict>
<key>PPP</key>
<dict>
<key>AuthenticatorProtocol</key>
<array>
<string>MSCHAP2</string>
</array>
<key>CCPEnabled</key>
<integer>1</integer>
<key>CCPProtocols</key>
<array>
<string>MPPE</string>
</array>
<key>LCPEchoEnabled</key>
<integer>1</integer>
<key>LCPEchoFailure</key>
<integer>5</integer>
<key>LCPEchoInterval</key>
<integer>60</integer>
<key>Logfile</key>
<string>/var/log/ppp/vpnd.log</string>
<key>MPPEKeySize128</key>
<integer>1</integer>
<key>MPPEKeySize40</key>
<integer>0</integer>
<key>VerboseLogging</key>
<integer>1</integer>
</dict>
<key>Server</key>
<dict>
<key>Logfile</key>
<string>/var/log/ppp/vpnd.log</string>
<key>MaximumSessions</key>
<integer>128</integer>
<key>VerboseLogging</key>
<integer>1</integer>
</dict>
</dict>
</dict>
</dict>
</plist>
=========================================================
in hostconfi is nothing, also nothing in networkconfig
As from my MBP all works to reach the virtual network, the regular route setting should be ok (I am not sure if it is a good idea to add with "route command" a new route when all routes are already working when done locally form MBP, so the new route should only apply for L2TP but not for any other applications on MBP). So where should the new route be configured for the VPN. In vpnd ?, this is not clear for me in the vpnd man pages? In vpnd config file I can only see the assigned IP address range for the L2TP client (and this is the physical network, where all works).