Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    StrongSwan Client Linux no password dialog EAP-MSCHAPv2 [SOLVED]

    Scheduled Pinned Locked Moved IPsec
    2 Posts 1 Posters 3.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M Offline
      mwhitcomb7
      last edited by

      Hi

      I am using this configuration: https://doc.pfsense.org/index.php/IKEv2_with_EAP-MSCHAPv2 and it is working awesome for Windows clients using the built-in Agile client on Windows 7/8.1/10. But…

      This is probably a package maintainer problem, but pfSense support is amazing so posting here first. When installing the StrongSwan packages with Ubuntu package sources (Linux Mint 17 & Ubuntu 14.04) the save password dialog box does not invoke when saving the vpn connection in the Network Connections dialog. Then when you open the Network Settings dialog and edit the connection under identity you get (Error: unable to load VPN connection editor) You can see the error here:

      http://askubuntu.com/questions/579159/unable-to-load-vpn-connection-editor-in-ubuntu-14-04-lts though this is for openVPN

      There are some compiler options available on StrongSwan website, most notably md4 being required for this config to work. There is no md4 package available on the multitude of package options available. Here is what is installed now:

      Mint17-PC log # dpkg –get-selections | grep strong
      libstrongswan install
      network-manager-strongswan install
      strongswan install
      strongswan-ike install
      strongswan-ikev2 install
      strongswan-nm install
      strongswan-plugin-dhcp install
      strongswan-plugin-eap-dynamic install
      strongswan-plugin-eap-md5 install
      strongswan-plugin-eap-mschapv2 install
      strongswan-plugin-eap-peap install
      strongswan-plugin-eap-radius install
      strongswan-plugin-eap-tls install
      strongswan-plugin-eap-ttls install
      strongswan-plugin-error-notify install
      strongswan-plugin-openssl install
      strongswan-plugin-radattr install
      strongswan-plugin-sqlite install
      strongswan-plugin-xauth-eap install
      strongswan-plugin-xauth-generic install
      strongswan-plugin-xauth-noauth install
      strongswan-starter install
      Mint17-PC log #

      If anyone has this working please post your installed packages and/or whatever you hacked to get this working. Going to package maintainer site  now. I will post my resolution regardless. TIA~!

      1 Reply Last reply Reply Quote 0
      • M Offline
        mwhitcomb7
        last edited by

        Hi

        Please see here: https://wiki.strongswan.org/issues/1062. It actually might work with the shipping 5.1.x binaries but I was already down the rabbit hole. Try this: Edit the /etc/NetworkManager/VPN/nm-strongswan-service.name file and under [GNOME] add "supports-external-ui-mode=true" without quotes. Create your connection using Network Connections in the NetworkManager applet. Invoke the connection and the save password dialog should popup. Otherwise follow the directions in the link above to build the package from source.

        This is only affecting Debian distros like Ubuntu and Mint. I tried many things including some ln -s to various places. If this does not work for you post back and we can find out what links need to be made.

        /M

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.