Install networkmanager-l2tp first:
yaourt -S networkmanager-l2tp # Arch Linux (AUR)
apt install -y network-manager-l2tp # Debian/Ubuntu
Then reboot or run systemctl restart NetworkManager.
Because nmtui cannot create VPN connections, I ended up creating one in the GUI and analysing the generated config file.
This can only be done as root. Create the VPN config /etc/NetworkManager/system-connections/{vpn_name} manually:
# Pregenerate the config file with nmcli (replace {vpn_name} with your name; it will be prefixed with the string vpn-):
sudo nmcli connection add type vpn ifname {vpn_name} vpn-type l2tp
[connection]
id={vpn_name}
uuid=aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa
type=vpn
autoconnect=false
permissions=
[vpn]
gateway={ip_of_vpn_server}
ipsec-enabled=yes
ipsec-esp=3des-sha1
ipsec-ike=3des-sha1-modp1024
ipsec-psk={PSK}
password-flags=0
user={given_user}
service-type=org.freedesktop.NetworkManager.l2tp
[vpn-secrets]
password={password_for_user_given_user}
[ipv4]
dns-search=
method=auto
# Do not tunnel all traffic through this VPN. It only reaches a separate IP range for private servers; normal Internet traffic uses the original connection.
never-default=true
[ipv6]
addr-gen-mode=stable-privacy
dns-search=
method=auto
# Do not tunnel all traffic through this VPN. It only reaches a separate IP range for private servers; normal Internet traffic uses the original connection.
never-default=true
Fill in {vpn_name}, {ip_of_vpn_server}, {PSK}, {given_user} and {password_for_user_given_user}. Change the uuid if needed (list current connections via nmcli c) and make sure the config file has permission 600 with owner root:root, since it holds the PSK and the password in plain text, then:
systemctl restart NetworkManager # reload to detect the config
nmcli c up {vpn_name} --ask # establish the vpn connection, it will ask for password
nmcli # check connection status
nmcli c down {vpn_name} # close the vpn connection
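An added example (not part of the original notes): a Python check for the keyfile written above. It reports group/other-accessible permissions, non-root ownership, secrets stored in plain text, and legacy IPsec proposals such as the 3des-sha1 and modp1024 values shown. The sample keyfile values and the list of algorithm names treated as legacy are assumptions of this example.

```python
import configparser
import re
import stat

# Constructed sample: the keyfile layout from this page, with made-up values.
SAMPLE = """\
[connection]
id=vpn-example
[vpn]
gateway=192.0.2.10
ipsec-enabled=yes
ipsec-esp=3des-sha1
ipsec-ike=3des-sha1-modp1024
ipsec-psk=constructed-psk
password-flags=0
service-type=org.freedesktop.NetworkManager.l2tp
[vpn-secrets]
password=constructed-password
"""

# Assumption of this example: algorithm names treated as legacy.
LEGACY = re.compile(r"3des|md5|sha1|modp768|modp1024", re.I)


def audit_keyfile(text, mode=0o600, uid=0, gid=0):
    """Return a list of findings for an L2TP/IPsec NetworkManager keyfile."""
    cfg = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    cfg.read_string(text)
    findings = []
    if stat.S_IMODE(mode) & 0o077:  # any group/other permission bit set
        findings.append("file is accessible to group/other; expected mode 600")
    if (uid, gid) != (0, 0):
        findings.append("file is not owned by root:root")
    vpn = cfg["vpn"] if cfg.has_section("vpn") else {}
    for key in ("ipsec-esp", "ipsec-ike"):
        for proposal in filter(None, vpn.get(key, "").split(",")):
            if LEGACY.search(proposal):
                findings.append(f"{key}: legacy proposal {proposal}")
    if vpn.get("ipsec-psk"):
        findings.append("ipsec-psk is stored in the keyfile in plain text")
    if cfg.has_option("vpn-secrets", "password"):
        findings.append("user password is stored in the keyfile in plain text")
    return findings


if __name__ == "__main__":
    for finding in audit_keyfile(SAMPLE, mode=0o644):
        print(finding)
```

For a real keyfile, pass the text read as root together with st_mode, st_uid and st_gid from os.stat.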
- "Gateway" is the IP of the VPN server
- "User name" is the given user
- Password can be left blank to enter when connecting
- click the "IPsec Settings..." button
- Check "Enable IPsec tunnel to L2TP host"
- paste the PSK into "Pre-shared key"
- IMPORTANT: Uncheck "Enable IPsec tunnel to L2TP host" before clicking the "OK" button; I think this is a bug
- Check
- click "Add" button and enable
Error in connection
Error: Connection activation failed: Could not find source connection.