<div dir="ltr">Hi,<div>I'm trying to establish a VPN connection to our 5.6.0 SSwan server via the Network Manager in Ubuntu 16.04.3</div><div><br></div><div>I'm running an Ubuntu VM over Parallels /OSX. The VM is fully patched and up to date.</div><div><br></div><div>1st step was ot get cli version running and I can establish a VPN using "ipsec up as1558-mschap"</div><div><br></div><div>Which uses eap-peap/mschapv2 to authenticate a user against our server.</div><div><br></div><div>I then built the Network manager plugin ( v 1.4.2 ) as per <a href="https://wiki.strongswan.org/projects/strongswan/wiki/NetworkManager">https://wiki.strongswan.org/projects/strongswan/wiki/NetworkManager</a></div><div><br></div><div>When creating a vpn I now have an option to create an iopsec/ikev2 (strongswan) vpn.</div><div>I've left the general tab, ipv4 and ipv6 settings tabs at their default settings and only altered the VPN tab.</div><div><br></div><div>Gateway address / <a href="http://vpn.york.ac.uk">vpn.york.ac.uk</a></div><div>Certificate / None</div><div><br></div><div>Client Authentication / EAP</div><div>Username / <my userid at <a href="http://york.ac.uk">york.ac.uk</a></div><div>Password / left at ask for password every time</div><div><br></div><div>Options </div><div>Request an inner IP address</div><div>Enforce UDP encapsulation</div><div><br></div><div>I can save the above</div><div><br></div><div>but when I try enabling the vpn nothing visible hapens</div><div><br></div><div>1). I don't get prompted for a password</div><div>2). Having configured /var/log/strongswan.log nothing appears in it</div><div>3). Nothing appears at the vpn server</div><div><br></div><div>/var/log/kern.log has</div><div><br></div><div><div>Sep 7 12:35:24 deadpool NetworkManager[693]: <info> [1504784124.0851] audit: op="connection-activate" uuid="4c98e2da-b95e-49b2-b18d-e8591db70094" name="VPN connection 1" pid=19612 uid=1000 result="success"</div><div>Sep 7 12:35:24 deadpool NetworkManager[693]: <warn> [1504784124.1173] vpn-connection[0xe7e260,4c98e2da-b95e-49b2-b18d-e8591db70094,"VPN connection 1",0]: Could not launch the VPN service. error: Failed to execute child process "/usr/libexec/ipsec/charon-nm" (No such file or directory).</div></div><div><br></div><div>... and its right ... there's no directory called /usr/libexec</div><div><br></div><div>For strongswan I used </div><div><pre>./configure --sysconfdir=/etc --prefix=/usr --libexecdir=/usr/lib \
--disable-aes --disable-des --disable-md5 --disable-sha1 --disable-sha2 \
--disable-fips-prf --disable-gmp --enable-openssl --enable-nm --enable-agent \
--enable-eap-gtc --enable-eap-md5 --enable-eap-mschapv2 --enable-eap-identity \<br></pre><pre> --enable-curl --enable-eap-peap</pre><pre>For NM I originally used </pre><pre>./configure --sysconfdir=/etc --prefix=/usr<br></pre><pre>which generated the /usr/libexec/ipsec/chron-nm dies not exist error</pre><pre>..so I changed this to </pre><pre>./configure --sysconfdir=/etc --prefix=/usr --with-charon=/usr/lib/ipsec/charon-nm</pre></div><div>Having set the config to prompt for a password I get </div><div><br></div><div><div>Sep 7 12:49:07 deadpool NetworkManager[693]: <info> [1504784947.9910] vpn-connection[0xe7e620,ae93fe4c-e311-4ef5-9c70-145323a361c8,"UoY SSwan",0]: Saw the service appear; activating connection</div><div>Sep 7 12:49:08 deadpool NetworkManager[693]: <error> [1504784948.0145] vpn-connection[0xe7e620,ae93fe4c-e311-4ef5-9c70-145323a361c8,"UoY SSwan",0]: Failed to request VPN secrets #3: No agents were available for this request.</div></div><div><br></div><div>Entered password manually and still got the same message in kern.log</div><div><br></div><div>What have I missed ?</div><div><br></div><div>Rgds</div><div>Alex</div><div><br></div><div><br></div><div><br></div><div>Rgds</div><div>Alex</div><div><br></div></div>