Package Details: networkmanager-strongswan 1.4.1-1

Git Clone URL: (read-only)
Package Base: networkmanager-strongswan
Description: Strongswan NetworkManager plugin
Upstream URL:
Keywords: VPN
Licenses: GPL
Conflicts: networkmanager-strongswan-passwordstore
Submitter: Brinox
Maintainer: Brinox
Last Packager: Brinox
Votes: 10
Popularity: 0.394212
First Submitted: 2015-09-10 10:19
Last Updated: 2017-01-13 10:53

Pinned Comments

Brinox commented on 2015-09-10 10:22

The strongswan package needs to be compiled with "--enable-nm" to enable NetworkManager support.

Latest Comments

nicolafel commented on 2016-12-28 13:00

Please ignore the following, it was actually a much more simple issue with file and directory permission.

Hi all,
I’m having some trouble setting up a new VPN connections. Every time I set up my cert/key couple I get a dialogue asking for the key password. The problem is that keys that have been created, according to the [strongswan manual](, with

ipsec pki --gen > peerKey.der

do not have a password. This, in turn, produces a series of errors when establishing the connection on the lines of

dic 28 13:40:23 $hostname charon-nm[1923]: 05[LIB] opening '$path_to_key' failed: Permission denied
dic 28 13:40:23 $hostname charon-nm[1923]: 05[LIB] building CRED_PRIVATE_KEY - RSA failed, tried 7 builders

If anyone has already a solution I’m more than happy to hear it, in the meanwhile I suggest to anyone with a working connection not to modify it.
All the best and many thanks to Brinox for making this package availabe :)

Stunts commented on 2016-12-05 22:35

In order to make it work, you have to edit the PKGBUILD of the package "strongswan".
In line 79, replace:

--enable-bliss --enable-nm

Build the package, install it and you should be good to go.

micsnare commented on 2016-12-05 22:31

I seem to be having the same issue as I haven't added the --enable-nm option when installing Strongswan.

Where would I enable this when I compile this? Is this meant to go in the PKGBUILD at the beginning when installing the aur package?

Thanks a lot for your help!!

Brinox commented on 2016-11-23 22:23

Please see

kerjava commented on 2016-11-23 22:12

I seem to be getting a pgp signatures error its says
NetworkManager-strongswan-1.4.1.tar.bz2 .. Failed (unknown public key 765FE26C6B467584)

Any idea what is going one seems problematic

(noob fyi)

Brinox commented on 2016-11-15 23:00

It's very likely you forgot to compile Strongswan with --enable-nm :-)

Stunts commented on 2016-11-15 22:48

After installing this package I can configure a VPN in nm-settings using IKEv2!
However, when trying to activate it I get the following error:
nov 15 22:43:17 VoidCaster NetworkManager[518]: <warn> [1479249797.4126] vpn-connection[--SNIP--]: Could not launch the VPN service. error: Failed to execute child process "/usr/lib/strongswan/charon-nm" (No such file or directory).
Any hints on what could be wrong? Thanks in advance.

Brinox commented on 2016-09-27 16:25

The main strongswan package is responsible for installing this file, not the NetworkManager plugin package. If I would include this file in the package, this will lead to a conflict with the main package, when the new version including the necessary patches will be released.

Thus, I'm preferring to *not* include the policy file in the package. Please install strongswan-git or put the file there yourself, as long as the changes are not included in a release. Please remember to add the configuration option --enable-nm when compiling strongswan.

grawity commented on 2016-09-27 07:00

(And while you're at it, those files are being moved to /usr/share/dbus-1/system.d/ rather than /etc.)

BertVoegele commented on 2016-09-27 06:57

The package doesn't install "nm-strongswan-service.conf" (to /etc/dbus-1/system.d/ ), resulting in an error :
'Connection ":X.YY" is not allowed to own the service "org.freedesktop.NetworkManager.strongswan" due to security policies in the configuration file'.
Just copying the file over from the _original_ source tree (because it's not in the tarball) does solve the issue.

Brinox commented on 2016-09-08 21:45

Updated to v1.4.0, but this requires some changes, that haven't been released in any version yet. Thus, I added a dependency to strongswan >= 5.5.1, even if this version doesn't exist yet.

Please use strongswan-git, as long as there is no release available containing the latest changes.

Brinox commented on 2016-08-16 09:33

A pull request for NetworkManager 1.2 support has been created at the GitHub repo [1], we just have to wait until it gets merged.


Brinox commented on 2016-08-07 17:30

It seems to be already reported here.

It works just fine when using the GNOME settings instead of the NM GUI.

abi commented on 2016-08-07 12:04

Yes. NN tells me that no VPN modules are available.

Brinox commented on 2016-08-07 10:28

Have you added the compile flag for strongswan as I stated in the very first comment?

abi commented on 2016-08-07 09:25

Doesn't work for me. Compiles, but no Strongswan options are available at all, like plugin is not installed.

Anonymous comment on 2016-01-20 12:07

I have provided a separate strongswan-networkmanager package as the strongswan maintainer does not wish to add --enable-nm.

gustawho commented on 2015-12-31 22:26

Please, add 'intltool' at makedepends

jdubs commented on 2015-12-15 22:33

Thanks for being on top of it.

Brinox commented on 2015-12-15 21:53

Thanks for the report, I added a flag so these deprecation warnings aren't treated as errors anymore until upstream fixes this.

jdubs commented on 2015-12-15 16:25

Adding "-Wno-deprecated-declarations" to CFLAGS and CXXFLAGS in /etc/makepkg.conf allowed this package to compile and install. Would this be a case in which the package is out-of-date?

jdubs commented on 2015-12-14 22:49

Just downloaded and installed the latest strongswan AUR package (updated 12-12-2015). When attempting to install this package, I receive the following error:

main.c: In function ‘lookup_password’:
main.c:43:2: error: ‘gnome_keyring_find_network_password_sync’ is deprecated: Use 'SECRET_SCHEMA_COMPAT_NETWORK' instead [-Werror=deprecated-declarations]
if (gnome_keyring_find_network_password_sync(g_get_user_name(), NULL, name,
In file included from main.c:25:0:
/usr/include/gnome-keyring-1/gnome-keyring.h:551:20: note: declared here
GnomeKeyringResult gnome_keyring_find_network_password_sync (const char *user,
main.c:59:2: error: ‘gnome_keyring_network_password_list_free’ is deprecated [-Werror=deprecated-declarations]
In file included from main.c:25:0:
/usr/include/gnome-keyring-1/gnome-keyring.h:537:6: note: declared here
void gnome_keyring_network_password_list_free (GList *list);
main.c: In function ‘main’:
main.c:222:6: error: ‘gnome_keyring_set_network_password_sync’ is deprecated: Use 'SECRET_SCHEMA_COMPAT_NETWORK' instead [-Werror=deprecated-declarations]
if (gnome_keyring_set_network_password_sync(keyring,
In file included from main.c:25:0:
/usr/include/gnome-keyring-1/gnome-keyring.h:573:20: note: declared here
GnomeKeyringResult gnome_keyring_set_network_password_sync (const char *keyring,
cc1: all warnings being treated as errors
Makefile:393: recipe for target 'nm_strongswan_auth_dialog-main.o' failed
make[2]: *** [nm_strongswan_auth_dialog-main.o] Error 1
make[2]: Leaving directory '/home/jdubs/aur/networkmanager-strongswan/src/NetworkManager-strongswan-1.3.1/auth-dialog'
Makefile:445: recipe for target 'all-recursive' failed
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory '/home/jdubs/aur/networkmanager-strongswan/src/NetworkManager-strongswan-1.3.1'
Makefile:334: recipe for target 'all' failed
make: *** [all] Error 2
==> ERROR: A failure occurred in build().

Any takers?

TaXules commented on 2015-10-14 21:35

Thanks a lot!

Brinox commented on 2015-10-14 08:54


TaXules commented on 2015-10-14 04:49

Can you add this patch: ?
It is from


Brinox commented on 2015-09-10 10:22

The strongswan package needs to be compiled with "--enable-nm" to enable NetworkManager support.