Package Details: networkmanager-strongswan 1.4.1-1

Git Clone URL: https://aur.archlinux.org/networkmanager-strongswan.git (read-only)
Package Base: networkmanager-strongswan
Description: Strongswan NetworkManager plugin
Upstream URL: http://wiki.strongswan.org/projects/strongswan/wiki/NetworkManager
Keywords: VPN
Licenses: GPL
Conflicts: networkmanager-strongswan-passwordstore
Submitter: Brinox
Maintainer: Brinox
Last Packager: Brinox
Votes: 12
Popularity: 1.312273
First Submitted: 2015-09-10 10:19
Last Updated: 2017-02-01 23:28

Pinned Comments

Brinox commented on 2015-09-10 10:22

!!! IMPORTANT !!!
The strongswan package needs to be compiled with "--enable-nm" to enable NetworkManager support.

Latest Comments

JamesK commented on 2017-04-20 09:45

@Brinox

Yes I am using both a PSK and password. I know its a bit silly but it was a quick deployment and configuration on my ERX router. I guess my only option is to change the certificate than.

Brinox commented on 2017-04-18 09:53

@JamesK: Are you using both PSK *and* username / password? I would opt for only one of those or switch over to using certificates if you're concerned about security. I don't think using both PSK and username / password is supported using the GUI only.

JamesK commented on 2017-04-18 09:45

When trying to setup a new VPN connection using PSK, I'm unable to input the PSK and save the configuration. I can enter the address, username, and password but I cant find anywhere to input the Pre-Shared-Key when I selected it as the form of Authentication.

amuri-de commented on 2017-04-03 04:54

if you get error like this:
==> Verifying source file signatures with gpg...
NetworkManager-strongswan-1.4.1.tar.bz2 ... FAILED (unknown public key 765FE26C6B467584)
==> ERROR: One or more PGP signatures could not be verified!
==> ERROR: Makepkg was unable to build networkmanager-strongswan.

you can try to add pgp key with:
gpg --keyserver pool.sks-keyservers.net --recv-keys 765FE26C6B467584

I hope it will fix the problem

Brinox commented on 2017-02-20 18:46

@tapir: Your files may have 0777 access modifier but /home/<user> is normally 0700. I suggest installing the certificates under /etc/ipsec.d/ or similar because NetworkManager and charon-nm run as root.

tapir commented on 2017-02-18 17:57

I have my client certificates in the user home directory but when I try to connect to my VPN server, networkmanager complains that "Permission denied" for the certifiacte files. I've made them even 0777 just to make sure. Still the same problem. Any ideas?

Brinox commented on 2017-01-18 23:32

@leemeng0x61 Please refer to my comment from 2016-11-23 22:23

leemeng0x61 commented on 2017-01-18 01:36

==> ERROR: One or more PGP signatures could not be verified!
==> ERROR: Makepkg was unable to build networkmanager-strongswan.
==> Restart building networkmanager-strongswan ? [y/N]

fixed by:
> gpg --recv-keys 12538F8F689B5F1F15F07BE1765FE26C6B467584

nicolafel commented on 2016-12-28 13:00

--EDIT--
Please ignore the following, it was actually a much more simple issue with file and directory permission.
--/EDIT--

Hi all,
I’m having some trouble setting up a new VPN connections. Every time I set up my cert/key couple I get a dialogue asking for the key password. The problem is that keys that have been created, according to the [strongswan manual](https://wiki.strongswan.org/projects/strongswan/wiki/SimpleCA), with

ipsec pki --gen > peerKey.der

do not have a password. This, in turn, produces a series of errors when establishing the connection on the lines of

dic 28 13:40:23 $hostname charon-nm[1923]: 05[LIB] opening '$path_to_key' failed: Permission denied
dic 28 13:40:23 $hostname charon-nm[1923]: 05[LIB] building CRED_PRIVATE_KEY - RSA failed, tried 7 builders

If anyone has already a solution I’m more than happy to hear it, in the meanwhile I suggest to anyone with a working connection not to modify it.
All the best and many thanks to Brinox for making this package availabe :)

Stunts commented on 2016-12-05 22:35

@micsnare:
In order to make it work, you have to edit the PKGBUILD of the package "strongswan".
In line 79, replace:
--enable-bliss

with
--enable-bliss --enable-nm

Build the package, install it and you should be good to go.

All comments