network manager

Setting up strongSwan on Ubuntu 22.04 and 24.04 with NetworkManager

 in Bash / GNU/Linux  tagged bash / GNU/Linux / network manager / strongswan / ubuntu / vpn by

For Ubuntu users who need to configure strongSwan (an open-source IPsec VPN solution) using NetworkManager on Ubuntu 22.04 or 24.04, simply installing the network-manager-strongswan package is not sufficient. Additional plugins and libraries are required to enable full functionality for various VPN configurations, including advanced authentication methods and protocol support.

Required Packages

To ensure strongSwan works seamlessly with NetworkManager, install the following packages:

  1. network-manager-strongswan: This package integrates strongSwan into NetworkManager, allowing you to manage VPN connections using a graphical user interface (GUI). It adds support for IKEv2/IPsec VPNs.
  2. libcharon-extra-plugins: This package provides additional plugins for strongSwan’s IKE daemon (charon), extending its functionality to handle different encryption algorithms, key exchange mechanisms, and advanced authentication protocols.
  3. libstrongswan-extra-plugins: These extra plugins offer support for more cryptographic algorithms and authentication methods, enhancing compatibility with various VPN configurations. This includes EAP-based methods commonly used in VPN setups.

Step-by-Step Installation

To install the necessary packages, follow these steps:

  1. Update the package list to ensure you have the latest versions available:
   sudo apt update
  1. Install the strongSwan NetworkManager plugin along with the extra plugin packages:
   sudo apt install network-manager-strongswan libcharon-extra-plugins libstrongswan-extra-plugins
  1. Restart NetworkManager to apply the changes:
   sudo systemctl restart NetworkManager

Configuring a VPN Connection

Once the necessary packages are installed and NetworkManager has been restarted, you can proceed to configure a VPN connection using the GUI:

  1. Open SettingsNetwork.
  2. Click the + button next to the VPN section.
  3. Select IPSec/IKEv2 (strongSwan) from the list of available VPN types.
  4. Enter the required connection details, including the server address, username, password, and any pre-shared keys or certificates as provided by your VPN provider.

For advanced VPN configurations, you may also need to specify custom encryption settings or certificate paths under the Advanced settings in the VPN configuration window.

Troubleshooting

If you encounter issues connecting to the VPN, you can check the system logs for more detailed information:

sudo journalctl -xe
sudo journalctl -u NetworkManager

These logs may provide insight into common issues, such as authentication failures, certificate problems, or configuration mismatches.

Conclusion

To successfully configure and use strongSwan VPNs with NetworkManager on Ubuntu 22.04 and 24.04, you must install three key packages: network-manager-strongswan, libcharon-extra-plugins, and libstrongswan-extra-plugins. These packages extend the capabilities of strongSwan, providing compatibility with a wide range of VPN configurations, cryptographic algorithms, and authentication methods.

By ensuring these packages are installed and properly configured, you can easily manage your strongSwan VPN connections through the Ubuntu NetworkManager GUI.

Fedora 25 with GNOME 3: Making a Wi-Fi hotspot 7

 in GNU/Linux  tagged fedora / gnome / hotspot / network manager / nm-connection-editor / wi-fi by

Recently we tried to create a Wi-Fi hotspot on Fedora 25 running GNOME 3.

When we clicked on the Use as Hotspot... button  on the network manager it did not activate the hotspot.
Actually, nothing changed after we clicked on the button.
We tried this several times, some while being disconnected from all networks, others with having the Wi-Fi device disabled etc. None of the tests payed out.

To mitigate the problem, we used nm-connection-editor to create the hotspot configuration and then activate it from the network manager.

After we starter nm-connection-editor, we pressed the Add button to create a new configuration:

From the prompt, we selected the option Wi-Fi and then clicked on the Create... button.

In the newly appeared window, we filled in

  • the Connection name (which is not used by the system, it is only for us to identify which configuration this is),
  • then the SSID (which is the name of the network you will create and connect to),
  • we set Mode to Hotspot

Then we switched to the Wi-Fi Security tab where we filled in the type of protection we want the hotspot to have and the password for it.

We clicked Save and then we closed the Network Connections window as well.

From the network manager, we clicked on Use as Hotspot... button and then the Turn On button on the confirmation popup to finish the activation.

After this, the network manager changed its screen and showed a page which had all the necessary information that are needed to connect to our newly created hotspot.

Note:

In case you cannot connect because the password verification fails even though you are providing the correct password, you can always do the ugly hack of setting up a hotspot with no security to get your job done…