dkosovic
commented
7 years ago Due to the NO_PROPOSAL_CHOSEN error, I suspect you are using a newer version of strongSwan which has dropped the weaker ciphers for the default proposal and your VPN server expects one of the what is now considered weak ciphers.
With NetworkManager-l2tp 1.2.4 it has commit https://github.com/nm-l2tp/network-manager-l2tp/commit/45815d102a8871d3cf24f8f05145a2a31b3d3932 which re-adds the weaker ciphers which were removed from the defaults.
Also with that old version of NetworkManager-l2tp you are using, it trusted the exit status of strongSwan 'ipsec up' command to indicate if connection had been established, but as your log demonstrates the IPsec connection wasn't successful and it still tries to do a L2TP connection regardless. With commit https://github.com/nm-l2tp/network-manager-l2tp/commit/46bd4e1fee8488ad0fe8ef2ffccb5bcb5204c845 it now explicitly checks if the strongSwan connection was made.
I would recommend either using libreswan instead of strongswan, or upgrade to NetworkManager-l2tp 1.2.4.
Basrandir
I'm running archlinux and a few days ago updated to the latest kernel 4.8.13-1. Since then I haven't been able to get my VPN connection working. It was working just fine the last time I tried which was on the 8th. I think there might be some sort of pppd timeout issue but I'm not sure how to resolve that.
Here's the relevant log, I've replaced the ip address I'm trying to connect to with
<ip-address redacted>.http://pastebin.com/AmHQULuJ
I'm using StrongSwan and I'll be happy to provide any other information. Thanks for any help you can provide.