Wiki would benefit from a basic profile example for nmcli users

[wfrced]

As it turns out, it's very simple but not entirely obvious. Copying a customized example into /etc/NetworkManager/system-connections/l2tp-vpn.nmconnection and restarting NetworkManager will make it pick the profile up.

[connection]
id=l2tp-vpn
uuid=54a30a4a-b39e-4d3d-979d-6164d8a4b0b4
type=vpn
autoconnect=false
permissions=user:<your username>:;

[vpn]
gateway=<your IP>
password-flags=0
user=<your login>
service-type=org.freedesktop.NetworkManager.l2tp

[vpn-secrets]
password=<your password>

[ipv4]
dns-search=
method=auto

[ipv6]
addr-gen-mode=stable-privacy
dns-search=
method=auto

[dkosovic]

I did notice the following command-line instructions previously:

• https://gist.github.com/pastleo/aa3a9524664864c505d637b771d079c9

The following lists the current attributes that can be used in the [vpn] section of the l2tp connection file :

• https://github.com/nm-l2tp/NetworkManager-l2tp/blob/master/shared/nm-service-defines.h

It's going to be pretty difficult to write a generic connection template that will work for everybody. e.g. ipsec-ike and ipsec-esp often need to be set and can be different between stongswan and libreswan. Some people prefer not to store the plain text password in the connection file. In newer versions the PSK is now Base64 encoded (but that shouldn't matter as it is backwards compatible with plain text). It also now supports user and machine certificates (which really convolutes things as PKCS#12 certificates are handled differently to X509 certificates).