Package Details: networkmanager-strongswan 1.4.1-1

Git Clone URL: https://aur.archlinux.org/networkmanager-strongswan.git (read-only)
Package Base: networkmanager-strongswan
Description: Strongswan NetworkManager plugin
Upstream URL: http://wiki.strongswan.org/projects/strongswan/wiki/NetworkManager
Keywords: VPN
Licenses: GPL
Conflicts: networkmanager-strongswan-passwordstore
Submitter: Brinox
Maintainer: Brinox
Last Packager: Brinox
Votes: 10
Popularity: 0.177783
First Submitted: 2015-09-10 10:19
Last Updated: 2017-02-01 23:28

Pinned Comments

Brinox commented on 2015-09-10 10:22

!!! IMPORTANT !!!
The strongswan package needs to be compiled with "--enable-nm" to enable NetworkManager support.

Latest Comments

Brinox commented on 2017-02-20 18:46

@tapir: Your files may have 0777 access modifier but /home/<user> is normally 0700. I suggest installing the certificates under /etc/ipsec.d/ or similar because NetworkManager and charon-nm run as root.

tapir commented on 2017-02-18 17:57

I have my client certificates in the user home directory but when I try to connect to my VPN server, networkmanager complains that "Permission denied" for the certifiacte files. I've made them even 0777 just to make sure. Still the same problem. Any ideas?

Brinox commented on 2017-01-18 23:32

@leemeng0x61 Please refer to my comment from 2016-11-23 22:23

leemeng0x61 commented on 2017-01-18 01:36

==> ERROR: One or more PGP signatures could not be verified!
==> ERROR: Makepkg was unable to build networkmanager-strongswan.
==> Restart building networkmanager-strongswan ? [y/N]

fixed by:
> gpg --recv-keys 12538F8F689B5F1F15F07BE1765FE26C6B467584

nicolafel commented on 2016-12-28 13:00

--EDIT--
Please ignore the following, it was actually a much more simple issue with file and directory permission.
--/EDIT--

Hi all,
I’m having some trouble setting up a new VPN connections. Every time I set up my cert/key couple I get a dialogue asking for the key password. The problem is that keys that have been created, according to the [strongswan manual](https://wiki.strongswan.org/projects/strongswan/wiki/SimpleCA), with

ipsec pki --gen > peerKey.der

do not have a password. This, in turn, produces a series of errors when establishing the connection on the lines of

dic 28 13:40:23 $hostname charon-nm[1923]: 05[LIB] opening '$path_to_key' failed: Permission denied
dic 28 13:40:23 $hostname charon-nm[1923]: 05[LIB] building CRED_PRIVATE_KEY - RSA failed, tried 7 builders

If anyone has already a solution I’m more than happy to hear it, in the meanwhile I suggest to anyone with a working connection not to modify it.
All the best and many thanks to Brinox for making this package availabe :)

Stunts commented on 2016-12-05 22:35

@micsnare:
In order to make it work, you have to edit the PKGBUILD of the package "strongswan".
In line 79, replace:
--enable-bliss

with
--enable-bliss --enable-nm

Build the package, install it and you should be good to go.

micsnare commented on 2016-12-05 22:31

I seem to be having the same issue as Stunts...as I haven't added the --enable-nm option when installing Strongswan.

Where would I enable this when I compile this? Is this meant to go in the PKGBUILD at the beginning when installing the aur package?

Thanks a lot for your help!!

Brinox commented on 2016-11-23 22:23

Please see https://wiki.archlinux.org/index.php/makepkg#Signature_checking

kerjava commented on 2016-11-23 22:12

I seem to be getting a pgp signatures error its says
NetworkManager-strongswan-1.4.1.tar.bz2 .. Failed (unknown public key 765FE26C6B467584)

Any idea what is going one seems problematic

(noob fyi)

Brinox commented on 2016-11-15 23:00

It's very likely you forgot to compile Strongswan with --enable-nm :-)

All comments