Connect as client to Ipsec with OpenSuse Linux

A former co-worker established a set of AWS instances. One of these is an IPSec VSetup a IPSec/L2TP VPN server.

I can SSH into this ec2 instance, and on this machine. I do have a username and password setup in this linux instance.

Now I have an OpenSuse 13.2 Linux laptop. I have been told to connect via IPSec to a particular hostname (vpn-ipsec.myhostname.com)

I don't recall ever having done this on a linux machine to connect to an ipsec vpn server. I don't expect this would be hard. I went into Network Manager to create a new connection, and I see a lot of choices, but I didn't see ipsec in particular.

I don't need a UI tool in OpenSuse, if there is one there, that's great, or if I could use some command-line tools to make that connection, that would be good also. I have installed strongswan and strongswan-ipsec modules to my linux laptop.

Please let me know if there is any other information you might need.

Thanks!

Replay

There are several types of VPNs, some common ones are openvpn (RedHat), vpnc (Cisco) and pptp (Point To Point Tunnel), each of them has a different way to connect from a *nix machine. Yet there is NetworkManager, which uses a plugin system to support several types of VPNs.

My knowledge on NetworkManger is on Arch Linux but OpenSUSE has documentation on using NetworkManager. Unfortunately NetworkManager is interfaced by a lot of graphical tools, and the command line tool (nmcli) has no good support for configuring a VPN client.

You can use of the many graphical interfaces (one of the many flavours of nm-applet). Or you can hack together the configuration file.

First of all you need to make sure you are using NetworkManger as network configuration tool this is somewhere in YaST I believe.

Next you need to install the VPN plugins for NetworkManager:

  • NetworkManager-openvpn
  • NetworkManager-vpnc
  • NetworkManager-pptp

The you need to configure a connection, let's call is myvpn. In /etc/NetworkManager/system-connections/myvpn add the following (you can make up the UUID, just keep the format):

[connection]
id=myvpn
uuid=799ce6af-b88c-4119-9319-8d9a029cb6ee
type=wifi
permissions=
secondaries=

[vpn]
Xauth password-flag=0
IPSec secret-flags=0

[vpn-secrets]
Xauth password=<password to the VPN>
IPSec secret=<group key for the VPN>

Note that you should keep that file under root and with -rw------- permissions, since the passwords are in clear text!

Finally you can do:

nmcli connection up id myvpn



Extra note: NetworkManager is often quirky with VPNs, and nmcli does not make it easy to change the configuration. What I normally do is to use nm-applet to configure the VPN and then nmcli to actually start it.

References:

Category: linux Time: 2016-07-28 Views: 5

Related post

iOS development

Android development

Python development

JAVA development

Development language

PHP development

Ruby development

search

Front-end development

Database

development tools

Open Platform

Javascript development

.NET development

cloud computing

server

Copyright (C) avrocks.com, All Rights Reserved.

processed in 3.106 (s). 13 q(s)