nm-l2tp / NetworkManager-l2tp

L2TP and L2TP/IPsec support for NetworkManager
GNU General Public License v2.0

no label for certificates #151

Closed pawel-zajac90 closed 3 years ago

pawel-zajac90 commented 3 years ago

Hi, I installed NetworkManager-l2tp a few days ago and am still looking for a solution to my problem. I would like to use certificates instead of PSK, but when I'm trying to add a new connection, there is no place to add certs. I think I've installed everything exactly according to the docs, and I don't know where the problem is. Is NetworkManager-l2tp using /etc/ipsec.conf? (In my file everything is commented.) If I knew where to find the config file, I could simply use it, which would be even better for me.

I will be very grateful for your help as I have had this problem for some time and I am very keen to get it fixed quickly.

dkosovic commented 3 years ago

You didn't mention which Linux distribution or which version of NetworkManager-l2tp you are using.

For certificate support, you need to be using NetworkManager-l2tp >= 1.8.0.

If you are using KDE, for certificate support you need to be using plasma-nm >= 5.19.

As Debian/Ubuntu don't consider OpenSSL a system library, it is a GPL violation for NetworkManager-l2tp to link against OpenSSL <= 3.0.0. So I've created network-manager-l2tp 1.8.2 packages (linked against OpenSSL 3.0.0 alpha) for Ubuntu if you want to use certificates:

Fedora and many other Linux distros consider OpenSSL to be a system library, so have certificate support with NetworkManager-l2tp >= 1.8.0.

dkosovic commented 3 years ago

For the run-time generated config files, see the README.md file:

Those config files normally get deleted at the end of the connection unless you are using debugging mode (i.e. nm-l2tp-service --debug, see the debugging section of the README.md file).

pawel-zajac90 commented 3 years ago

Woooooow it works :D Thank you for your help :D I've wasted so much time... About the config files: they exist only when the VPN is running. Is there a template file somewhere?

dkosovic commented 3 years ago

No templates are used for the config files. There are too many variations to use template files. If you want to change something in the config file, you would need to modify the source code.

The config files only exist when the VPN is running, except if started in debug mode.

pawel-zajac90 commented 3 years ago

I am looking for a possibility to automate the addition of a VPN connection by users. Could you please advise me if it is better to do this by adding a new connection in /etc/NetworkManager/system-connections, or maybe it is possible to create a file that allows the 'import from file' (Ubuntu) option?

dkosovic commented 3 years ago

NetworkManager-l2tp-1.8.6 can directly import config files,

Alternatively, with older versions, see the following command-line usage for the VPN connection profile files which are stored under /etc/NetworkManager/system-connections/, in particular the nmcli con reload command:

pawel-zajac90 commented 3 years ago

I'm not sure how to create this config file, so I will use the CLI ;) Thanks a lot!

dkosovic commented 3 years ago

Sorry I meant NetworkManager-l2tp-1.8.6 has native export and import, but the exported files are practically the same as existing files from /etc/NetworkManager/system-connections/.

I'll close this issue.
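When profiles are dropped into /etc/NetworkManager/system-connections/ by a script, as discussed in the thread, a pre-flight check like the one below can confirm that the file is root-owned with no group/other access (which NetworkManager expects for keyfile profiles) and that IPsec machine authentication uses certificates rather than a PSK stored in the file. This is an added example, not code from the thread or from NetworkManager-l2tp; the `[vpn]` key names are assumptions to verify against a profile written by your installed version, and both sample profiles are constructed.

```python
import configparser, os, stat, tempfile

# Key names assumed from nm-l2tp profiles; confirm against a profile your version wrote.
SECRET_KEYS = {"password", "ipsec-psk", "user-certpass", "machine-certpass"}
# Constructed sample profiles (hostnames, paths and values are placeholders).
PSK_PROFILE = """[connection]
id=office-l2tp
type=vpn
[vpn]
gateway=vpn.example.test
ipsec-enabled=yes
machine-auth-type=psk
ipsec-psk=constructed-sample-value
service-type=org.freedesktop.NetworkManager.l2tp
"""
CERT_PROFILE = (PSK_PROFILE.replace("machine-auth-type=psk", "machine-auth-type=tls")
    .replace("ipsec-psk=constructed-sample-value", "machine-cert=/etc/ipsec.d/certs/client.pem"))

def audit_profile(path, expect_uid=0):
    """Return a list of findings for one keyfile connection profile."""
    findings = []
    st = os.stat(path)
    mode = stat.S_IMODE(st.st_mode)
    if st.st_uid != expect_uid:
        findings.append(f"owner uid {st.st_uid}, expected {expect_uid}")
    if mode & 0o077:
        findings.append(f"mode {mode:04o} is accessible to group/other")
    cp = configparser.ConfigParser(interpolation=None, strict=False, delimiters=("=",))
    cp.read(path)
    vpn = dict(cp["vpn"]) if cp.has_section("vpn") else {}
    if not vpn.get("service-type", "").endswith(".l2tp"):
        return findings + ["not an L2TP VPN profile"]
    if vpn.get("ipsec-enabled") != "yes":
        findings.append("IPsec is not enabled")
    elif vpn.get("machine-auth-type") != "tls":
        findings.append("IPsec machine authentication is not certificate based")
    for section in ("vpn", "vpn-secrets"):
        for key, value in (cp[section].items() if cp.has_section(section) else ()):
            if key in SECRET_KEYS and value:
                findings.append(f"secret '{key}' stored in [{section}]")
    return findings

def demo(text, mode):
    """Write a constructed profile with the given mode and audit it as the current user."""
    with tempfile.NamedTemporaryFile("w", suffix=".nmconnection") as fh:
        fh.write(text)
        fh.flush()
        os.chmod(fh.name, mode)
        return audit_profile(fh.name, expect_uid=os.getuid())
```

On a real system, call `audit_profile()` on each file under /etc/NetworkManager/system-connections/ with the default `expect_uid=0` before running nmcli con reload.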