Having issues with NetworkManager-l2tp (IKEv1)

xehbit · 2019-04-12 12:22:30

Hey,

I have some trouble connecting to my vpn server using the networkmanager-l2tp (aur) plugin with libreswan (aur). This is what i see in the journalctl -fu NetworkManager:

pr 12 11:15:15 skynet NetworkManager[13756]: 004 "0c8c3525-e788-4755-b9b7-5abe2d1c16f5" #1: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_256 integ=HMAC_SHA1 group=DH20}
Apr 12 11:15:15 skynet NetworkManager[13756]: 002 "0c8c3525-e788-4755-b9b7-5abe2d1c16f5" #2: initiating Quick Mode PSK+ENCRYPT+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#1 msgid:90a3bf52 proposal=AES_CBC_256-HMAC_SHA1_96, AES_CBC_128-HMAC_SHA1_96, 3DES_CBC-HMAC_SHA1_96 pfsgroup=DH20}
Apr 12 11:15:15 skynet NetworkManager[13756]: 117 "0c8c3525-e788-4755-b9b7-5abe2d1c16f5" #2: STATE_QUICK_I1: initiate
Apr 12 11:15:15 skynet NetworkManager[13756]: 010 "0c8c3525-e788-4755-b9b7-5abe2d1c16f5" #2: STATE_QUICK_I1: retransmission; will wait 0.5 seconds for response
Apr 12 11:15:16 skynet NetworkManager[13756]: 010 "0c8c3525-e788-4755-b9b7-5abe2d1c16f5" #2: STATE_QUICK_I1: retransmission; will wait 1 seconds for response
Apr 12 11:15:17 skynet NetworkManager[13756]: 010 "0c8c3525-e788-4755-b9b7-5abe2d1c16f5" #2: STATE_QUICK_I1: retransmission; will wait 2 seconds for response
Apr 12 11:15:19 skynet NetworkManager[13756]: 010 "0c8c3525-e788-4755-b9b7-5abe2d1c16f5" #2: STATE_QUICK_I1: retransmission; will wait 4 seconds for response
Apr 12 11:15:23 skynet NetworkManager[13756]: 010 "0c8c3525-e788-4755-b9b7-5abe2d1c16f5" #2: STATE_QUICK_I1: retransmission; will wait 8 seconds for response
Apr 12 11:15:24 skynet nm-l2tp-service[18316]: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
Apr 12 11:15:24 skynet NetworkManager[13756]: <info>  [1555067724.9740] vpn-connection[0x563b505e60b0,0c8c3525-e788-4755-b9b7-5abe2d1c16f5,"Versio L2TP",0]: VPN plugin: state changed: stopped (6)

Wile running sudo ipsec verify, everything says [OK]. I've tried connecting with the VPN using a old macbook i have laying around here, and that will connect so the credentials and server are fine. Anybody that can help me in the right direction of finding the issue and fixing it :-) ?

dkosovic · 2019-04-14 01:40:00

Try with "Disable PFS" ticked in the IPsec Options dialog box, this option was added in NetworkManager-1-2.12, previously Perfect Forward Secrecy was disabled in the code.

Alternatively, you could try switching to strongswan.

Arch Linux

#1 2019-04-12 12:22:30

Having issues with NetworkManager-l2tp (IKEv1)

#2 2019-04-14 01:40:00

Re: Having issues with NetworkManager-l2tp (IKEv1)

Board footer