WARNING! This article was written a long time ago. It may no longer represent the current views of the author!

Notes: IPsec VPN on CentOS with NetworkManager

DISCLAIMER: this is not meant to be a coherent post. Sorry. Just notes for future reference.

Not everybody uses OpenVPN, so from time to time a different configuration is needed to make the connection. First of all, NetworkManager implements and supports quite a lot of configurations:

  • NetworkManager-fortisslvpn: Fortinet SSLVPN compatible
  • NetworkManager-libreswan: IPsec IKEv1 VPN, Cisco compatible
  • NetworkManager-pptp: PPTP, Microsoft compatible
  • NetworkManager-openconnect: Cisco AnyConnect, Juniper
  • NetworkManager-openvpn: OpenVPN
  • NetworkManager-vpnc: IPsec VPN, Cisco compatible

The list above is taken from the NetworkManager VPN page. For IPsec alone there are 2 officially supported implementations (and there are 3rd-party plugins that can be used as well).

When using IPsec with the following configuration parameters:

  • Gateway
  • Username
  • User password
  • Pre-shared key (Group secret)
  • Local Id (Group Name)

There is a high chance that libreswan, which is installed by default, will be sufficient. But there is also a chance that you need to change the IKE DH Group or adjust Perfect Forward Secrecy to use the same DH Group. In that case, install the vpnc plugin:

sudo yum install -y NetworkManager-vpnc-gnome

After that the process is "clickable" from the NetworkManager GUI application.

  • Add VPN > "Cisco Compatible VPN (vpnc)"

Then fill in the blanks with the correct connection parameters.
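
The same profile can also be created from the command line with nmcli. The script below is an added example, not part of the original notes: the connection name, gateway, group name, user and the choice of dh5 are constructed placeholders, and the key names are the ones the vpnc plugin stores in the profile's [vpn] section. It pins IKE and Perfect Forward Secrecy to the same DH group and marks both secrets as "not saved", so they are asked for on connect.

```shell
#!/usr/bin/env bash
# Added example: build NetworkManager-vpnc settings with a pinned DH group.
# All names and addresses used here are constructed placeholders.

# Print the vpn.data string for nmcli; PFS uses the same group as IKE.
vpnc_data() {
    local gateway="$1" group_name="$2" user="$3" dh="$4"
    case "$dh" in
        dh1|dh2|dh5) ;;   # the only DH groups vpnc accepts
        *) echo "unsupported DH group: $dh" >&2; return 1 ;;
    esac
    # *-flags=2 means "not saved": NetworkManager asks for the pre-shared
    # key and the user password on connect instead of storing them on disk.
    printf '%s' "IPSec gateway=$gateway, IPSec ID=$group_name, Xauth username=$user, IKE DH Group=$dh, Perfect Forward Secrecy=$dh, IPSec secret-flags=2, Xauth password-flags=2"
}

# Create the connection profile (needs NetworkManager-vpnc installed).
add_vpnc_connection() {
    local name="$1" data
    data=$(vpnc_data "$2" "$3" "$4" "$5") || return 1
    nmcli connection add type vpn vpn-type vpnc con-name "$name" \
        ifname '*' vpn.data "$data"
}

# Only touch the system when explicitly asked to.
if [ "${1:-}" = "--apply" ]; then
    add_vpnc_connection corp-vpnc vpn.example.com GROUPNAME alice dh5
fi
```

Run it with --apply to create the profile, then start it with "nmcli connection up corp-vpnc --ask" so the secrets are prompted for in the terminal.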