Package Details: networkmanager-l2tp 1.2.8-1

Git Clone URL: (read-only)
Package Base: networkmanager-l2tp
Description: L2TP support for NetworkManager
Upstream URL:
Licenses: GPL2
Submitter: bradpitcher
Maintainer: smfsh
Last Packager: ilpianista
Votes: 66
Popularity: 3.075231
First Submitted: 2013-03-13 17:16
Last Updated: 2017-08-01 21:07

Latest Comments

Sunday commented on 2018-02-11 13:26

For those of you who have build problems due to gdbus codegen: This is related to this bug: Running 'export PYTHONPATH="/usr/share/glib-2.0"' fixes the problem temporarily.

lio2 commented on 2018-01-24 14:00


Adding the Gateway ID fixed it :)

Many many thanks, because of your help I can now work from home !

dkosovic commented on 2018-01-24 13:53

As you are getting an invalid ID error for the peer i.e. the gateway, try setting the Gateway ID in the IPsec options to

The enforce udp encapsulation is getting set if it was ticked when you closed the IPsec options dialog, it's a GUI bug in not reflecting that it has been set when you reopen the dialog. It will be fixed in the next version.

lio2 commented on 2018-01-24 13:25

Hi, I've been spending last night trying to connect to my work vpn. I encountered a few errors along the way, which I managed to workaround/fix, but this last one is leaving me clueless.

"4f6a5977-dbdb-4f8b-8f51-c72e44162379" #495: Peer ID is ID_IPV4_ADDR: ''
"4f6a5977-dbdb-4f8b-8f51-c72e44162379" #495: we require IKEv1 peer to have ID '', but peer declares ''
"4f6a5977-dbdb-4f8b-8f51-c72e44162379" #495: sending encrypted notification INVALID_ID_INFORMATION to
"4f6a5977-dbdb-4f8b-8f51-c72e44162379" #495: max number of retransmissions (8) reached STATE_MAIN_I3.  Possible authentication failure: no acceptable response to our first encrypted message
"4f6a5977-dbdb-4f8b-8f51-c72e44162379" #495: starting keying attempt 496 of an unlimited number
"4f6a5977-dbdb-4f8b-8f51-c72e44162379" #496: initiating Main Mode to replace #495
"4f6a5977-dbdb-4f8b-8f51-c72e44162379" #495: deleting state (STATE_MAIN_I3)
"4f6a5977-dbdb-4f8b-8f51-c72e44162379" #496: WARNING: connection 4f6a5977-dbdb-4f8b-8f51-c72e44162379 PSK length of 8 bytes is too short for sha PRF in FIPS mode (10 bytes required)
"4f6a5977-dbdb-4f8b-8f51-c72e44162379" #496: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
"4f6a5977-dbdb-4f8b-8f51-c72e44162379" #496: STATE_MAIN_I2: sent MI2, expecting MR2
"4f6a5977-dbdb-4f8b-8f51-c72e44162379" #496: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
"4f6a5977-dbdb-4f8b-8f51-c72e44162379" #496: STATE_MAIN_I3: sent MI3, expecting MR3

I experimented with setting phase1 and phase2 algorythms in the ipsec options:

  • phase1: 3des-sha1;modp1024

  • phase2: 3des-sha1

But I noticed the "enforce udp encapsulation" checkbox does not get saved. I.E, I check it, save, reopen the ipsec options, and then it's not checked anymore. No idea if this could be related to my error.

Is anybody here had those issues and found how to fix them?

Lindhe commented on 2018-01-12 15:39

Anyone else getting build errors?

Mine terminates after outputting the following:

checking for library containing dlopen... -ldl
./configure: line 13664: syntax error near unexpected token `0.35'
./configure: line 13664: `IT_PROG_INTLTOOL(0.35)'
==> ERROR: A failure occurred in build().

EDIT: Nerver mind. I had not rebooted after the latest update.

smfsh commented on 2017-12-11 23:29

For anyone struggling right now, kernel 4.14 introduced a regression that breaks VPN connections. Tracking for this issue:

Edit: resolved in the official 4.14.9 arch kernel release.

dkosovic commented on 2017-10-18 01:48

There are lots of Linux users using L2TP without IPsec. When NetworkManager-l2tp was first released, it didn't even have IPsec support for at least a year.

sirspudd commented on 2017-10-18 00:11

I am a little confused why strongswan is down as being an optional dependency. This functionality appeared to simply be broken up until I checked journalctl and saw that the absence of strong/libreswan was eating my face.

ilpianista commented on 2017-08-09 18:56

No. Please read makepkg man page, specifically the --skippgpcheck part.

tomas.hanak commented on 2017-08-09 18:49

After gpg command I got an error, either immediately:
gpg: keyserver receive failed: Server indicated a failure
or more often after a delay:
gpg: keyserver receive failed: Connection timed out

@ilpianista as new maitainer:
Would it be possible to remove validpgpkeys added on 2017-08-01 or somehow automate whole process? I really don't wish to manually maintain keys...

All comments