Closed romulogcerqueira closed 4 years ago
The "Disable PFS" option is greyed if detects strongswan. PFS for strongSwan 5.x onwards is enabled by appending a DH group to the ESP (i.e. phase 2 algorithms) settings, see:
So I assume you are using libreswan.
If you run /usr/bin/nm-connection-editor
, tick the "Disable PFS" check box, save the connection, then re-open the connection, is the "Disable PFS" check box still enabled?
If you are using KDE plasma-nm that comes with Kubuntu 20.04, it will erase the "Disable PFS" setting, you would need to use a newer version of plasma-nm that has the "Disable PFS" check box, e.g.:
If you are using KDE plasma-nm on Kubuntu 20.04, the following thread describes a workaround to stop "Disable PFS" option being removed by changing permissions of the config file:
I'm closing this issue due to lack of response activity. I will reopen if there are responses.
On IPsec settings, I check the "Disable PFS" tick box, however, this configuration is not stored. How can I overcome this issue?
I am using Ubuntu 20.04.