This has frustrated me for a month or so... I can get onto my work VPN
via the ShrewSoft client (ike and ike-qtgui) but it's not integrated
with NetworkManager (and overwrites /etc/resolv.conf, interfering with
it).

You have to resort to manual configuration of the dnsmasq instance
created by NetworkManager in order to get it to play nice with managed
connections - turn off the DNS settings in the ShrewSoft client and add
them manually to dnsmasq to stop it overwriting /etc/resolv.conf

The manual config above may also work, but likewise, won't play nice
with other NetworkManager connections.

The NM plugin for StrongSwan has been updated to support PSK but I don't
know if this means it supports IKEv1... it imposes a 20 character
minimum, and of course, my network admin has configured a PSK shorter
than this, so I can't test it.

I agree with the sentiments expressed above that removing support for an
exceedingly common (if not best-practice) VPN configuration does not
create the best impression of Ubuntu. RedHat has retained support via
the NetworkManager-libreswan plugin as described in the page below.

https://access.redhat.com/documentation/en-
US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/sec-
Securing_Virtual_Private_Networks.html

Sadly, Debian still has libreswan in the "experimental" section.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1457078

Title:
  L2TP client support for PSK removed from 15.04/15.10

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager-strongswan/+bug/1457078/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to