install packages first:
yay -S xl2tpd strongswan networkmanager-l2tp
ref: https://wiki.archlinux.org/index.php/Openswan_L2TP/IPsec_VPN_client_setup yay: https://github.com/Jguer/yay
then reboot or systemctl restart NetworkManager
nmcli c add con-name CON_NAME type vpn vpn-type l2tp vpn.data 'gateway=GATEWAY_HOST, ipsec-enabled=yes, ipsec-psk=PRE_SHARED_KEY, password-flags=2, user=USERNAME'
nmcli c edit CON_NAME # interactive mode, type help for manual
nmcli c up CON_NAME
nmcli c down CON_NAME
nmcli c delete CON_NAME
- password-flags=0 => Save password in plain text
- password-flags=1 => Save encrypted password
- password-flags=2 => Don't save password, ask when needed
- when using this,
nmcli c up CON_NAME --ask
is needed
- when using this,
Gateway
is the ip of the vpn serverUser name
is the given user- Password can be left blank to enter when connecting
- click
IPsec Settings...
button- Check
Enable IPsec tunnel to L2TP host
- paste PSK to
Pre-shared key
- IMPORTANT Uncheck
Enable IPsec tunnel to L2TP host
before clickOK
button, I think this is a bug
- Check
- click
Add
button and enable
nnetworkmanager-l2tp not in aur repositopy. It'is community repository https://archlinux.org/packages/community/x86_64/networkmanager-l2tp/
The command to install the plugin should be like this
sudo pacman -S networkmanager-l2tp
It's work