You are not logged in.
- Topics: Active | Unanswered
#1 2022-02-05 17:01:09
- definitellynotspammer
- Member
- Registered: 2016-06-07
- Posts: 55
[SOLVED] Arch Linux is partially compatible with libreswan VPN?
Sorry for somewhat stupid title, but I don't know how to describe this issue right.
Basically I use libreswan (Network Manager plugin) to connect to company's VPN. IKEv1 protocol, PSK, XAUTH and Main mode. The VPN sets routes so only traffic to internal networks are routed via VPN. I've got this working and worked great for a month (since I installed Arch Linux on my laptop). Just recently it started to only partially work (maybe after updates) and I am not sure what Arch Linux component to blame.
NOTE that the VPN itself works perfectly OK:
a) Tested on my Windows PC (using Forticlient VPN software) - everything works fine. Tested using my own account.
b) Ubuntu VM (same setup as in Arch Linux - libreswan and libreswan network manager plugin) - everything works fine. Tested using my own account.
c) Worked to me before, on Arch Linux.
d) Works fine for all my colleagues (they are not using Arch Linux).
I have spare laptop running also Arch Linux. Installed the same libreswan + network manager plugin to test and it also only PARTIALLY works, so I can confidently say it's Arch Linux issue (well, maybe the package issue of Arch Linux).
VPN pushes several routes (about 20 of them) and now only some of the routes are working. For example, pushed network "10.48.0.0/12" works fine (all resources in this network are accessible), but resources in network "10.82.0.0/15" are not accessible. There are no other programs altering routes or maintaining firewalls. At this point I have no clue what could be preventing access to network "10.82.0.0/15". I do not have any other VPNs or exotic configurations, it's simple Gnome desktop environment with Network Manager. Nothing else.
I've tried ping'ing, telnet'ing, curl'ing and traceroute'ing resources on "10.82.0.0/15" but it feels like something is dropping the connection (nothing responds, no errors, only timeouts).
Anyone has any clue what could be an issue?
I confirm VPN works fine, especially when it works from my other devices, using the same account and even the same setup (in Ubuntu).
Last edited by definitellynotspammer (2022-02-07 11:12:33)
Offline
#2 2022-02-05 17:14:38
- ishaanbhimwal
- Member
- Registered: 2022-01-21
- Posts: 48
- Website
Re: [SOLVED] Arch Linux is partially compatible with libreswan VPN?
There are 2 similar AUR packages libreswan and networkmanager-libreswan. Have you tried both?
Offline
#3 2022-02-05 17:25:09
- definitellynotspammer
- Member
- Registered: 2016-06-07
- Posts: 55
Re: [SOLVED] Arch Linux is partially compatible with libreswan VPN?
There are 2 similar AUR packages libreswan and networkmanager-libreswan. Have you tried both?
I am using both - libreswan and networkmanager-libreswan. Also tried networkmanager-libreswan-git and it made no difference.
Just to clarify - I can see routes are pushed via VPN, they exists when I run "ip route", but traffic is not passing through. And it worked for some reason before...
Offline
#4 2022-02-07 11:12:22
- definitellynotspammer
- Member
- Registered: 2016-06-07
- Posts: 55
Re: [SOLVED] Arch Linux is partially compatible with libreswan VPN?
Issue fixed by downgrading "libreswan" package from 4.6 to 4.5. Everything works again.
Offline
#5 2022-02-07 12:32:59
- WorMzy
- Administrator
- From: Scotland
- Registered: 2010-06-16
- Posts: 13,359
- Website
Re: [SOLVED] Arch Linux is partially compatible with libreswan VPN?
Mod note: Moving to AUR Issues.
Sakura:-
Mobo: MSI MAG X570S TORPEDO MAX // Processor: AMD Ryzen 9 5950X @4.9GHz // GFX: AMD Radeon RX 5700 XT // RAM: 32GB (4x 8GB) Corsair DDR4 (@ 3000MHz) // Storage: 1x 3TB HDD, 6x 1TB SSD, 2x 120GB SSD, 1x 275GB M2 SSD
Making lemonade from lemons since 2015.
Offline