Setting up strongSwan on Ubuntu 22.04 and 24.04 with NetworkManager


For Ubuntu users who need to configure strongSwan (an open-source IPsec VPN solution) using NetworkManager on Ubuntu 22.04 or 24.04, simply installing the network-manager-strongswan package is not sufficient. Additional plugins and libraries are required to enable full functionality for various VPN configurations, including advanced authentication methods and protocol support.

Required Packages

To ensure strongSwan works seamlessly with NetworkManager, install the following packages:

  1. network-manager-strongswan: This package integrates strongSwan into NetworkManager, allowing you to manage VPN connections using a graphical user interface (GUI). It adds support for IKEv2/IPsec VPNs.
  2. libcharon-extra-plugins: This package provides additional plugins for strongSwan’s IKE daemon (charon), extending its functionality to handle different encryption algorithms, key exchange mechanisms, and advanced authentication protocols.
  3. libstrongswan-extra-plugins: These extra plugins offer support for more cryptographic algorithms and authentication methods, enhancing compatibility with various VPN configurations. This includes EAP-based methods commonly used in VPN setups.

Step-by-Step Installation

To install the necessary packages, follow these steps:

  1. Update the package list to ensure you have the latest versions available:
   sudo apt update
  1. Install the strongSwan NetworkManager plugin along with the extra plugin packages:
   sudo apt install network-manager-strongswan libcharon-extra-plugins libstrongswan-extra-plugins
  1. Restart NetworkManager to apply the changes:
   sudo systemctl restart NetworkManager

Configuring a VPN Connection

Once the necessary packages are installed and NetworkManager has been restarted, you can proceed to configure a VPN connection using the GUI:

  1. Open SettingsNetwork.
  2. Click the + button next to the VPN section.
  3. Select IPSec/IKEv2 (strongSwan) from the list of available VPN types.
  4. Enter the required connection details, including the server address, username, password, and any pre-shared keys or certificates as provided by your VPN provider.

For advanced VPN configurations, you may also need to specify custom encryption settings or certificate paths under the Advanced settings in the VPN configuration window.

Troubleshooting

If you encounter issues connecting to the VPN, you can check the system logs for more detailed information:

sudo journalctl -xe
sudo journalctl -u NetworkManager

These logs may provide insight into common issues, such as authentication failures, certificate problems, or configuration mismatches.

Conclusion

To successfully configure and use strongSwan VPNs with NetworkManager on Ubuntu 22.04 and 24.04, you must install three key packages: network-manager-strongswan, libcharon-extra-plugins, and libstrongswan-extra-plugins. These packages extend the capabilities of strongSwan, providing compatibility with a wide range of VPN configurations, cryptographic algorithms, and authentication methods.

By ensuring these packages are installed and properly configured, you can easily manage your strongSwan VPN connections through the Ubuntu NetworkManager GUI.

This post is also available in: Greek

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.