Re: Network manager and libreswan setup

From: Francesco Giudici <fgiudici redhat com>
To: Jose Guilherme Vanz <jose guilherme vanz zpesystems com>, "networkmanager-list gnome org" <networkmanager-list gnome org>
Subject: Re: Network manager and libreswan setup
Date: Tue, 17 Jul 2018 11:55:47 +0200



On 17/07/2018 11:42, Thomas Haller via networkmanager-list wrote:

On Fri, 2018-07-13 at 12:44 +0000, Jose Guilherme Vanz wrote:

Hi guys,

I'm trying to configure a VPN connection in network manager using the
libreswan plugin. I would like to know if there is a documentation or
a tutorial of how to configure the connection. I found bunch of
samples in the Internet but it always show how to configure without
network manager. How can I integrate with network manager ? Do I
still need to have the config file for ipsec or I can set up
everything inside VPN configuration section ?


Hi,


a simple way, is to use the GUI.

- you can use "nm-connection-editor" or (Gnome3's) "gnome-control-
center". For that, ensure you installed the gtk part of the
NetworkManager-libreswan plugin. Then, edit the profile in the GUI.

- use KDE's plasma-nm. It brings its own GUI plug to edit libreswan
profiles.

- theoretically, you can edit the profile with nmcli. But that is
inconvenient, because it's non-obvious which keys to set. There is no
good documentation, but have a look at the source [1].

If you use the GUI, it should be simple enough, because few options are
supported.


Hi Jose,
  a couple of more details: NetworkManager-libreswan plugin allows you
to configure an IKEv1 RoadWarrior XAUTH connection only (IKE2 support is
WiP).
So, if you are looking on how to setup a host2host tunnel configuring
both with NM... you cannot.

Regarding docs... it is something we are trying to improve, a draft of a
man page of exposed options is here:
https://gitlab.gnome.org/GNOME/NetworkManager-libreswan/commit/64df4a34916a343193d7ec2a9c76c7946530735c

If you share your usage scenario is something we may take into account
for future improvements.

Regards

Francesco


best,
Thomas

[1] https://gitlab.gnome.org/GNOME/NetworkManager-libreswan/blob/master/src/nm-libreswan-service.c#L249



_______________________________________________
networkmanager-list mailing list
networkmanager-list gnome org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

References:
- Network manager and libreswan setup
  - From: Jose Guilherme Vanz
- Re: Network manager and libreswan setup
  - From: Thomas Haller

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]