StrongSwan Client Linux no password dialog EAP-MSCHAPv2 [SOLVED]



  • Hi

    I am using this configuration: https://doc.pfsense.org/index.php/IKEv2_with_EAP-MSCHAPv2 and it is working awesome for Windows clients using the built-in Agile client on Windows 7/8.1/10. But…

    This is probably a package maintainer problem, but pfSense support is amazing so posting here first. When installing the StrongSwan packages with Ubuntu package sources (Linux Mint 17 & Ubuntu 14.04) the save password dialog box does not invoke when saving the vpn connection in the Network Connections dialog. Then when you open the Network Settings dialog and edit the connection under identity you get (Error: unable to load VPN connection editor) You can see the error here:

    http://askubuntu.com/questions/579159/unable-to-load-vpn-connection-editor-in-ubuntu-14-04-lts though this is for openVPN

    There are some compiler options available on StrongSwan website, most notably md4 being required for this config to work. There is no md4 package available on the multitude of package options available. Here is what is installed now:

    Mint17-PC log # dpkg –get-selections | grep strong
    libstrongswan install
    network-manager-strongswan install
    strongswan install
    strongswan-ike install
    strongswan-ikev2 install
    strongswan-nm install
    strongswan-plugin-dhcp install
    strongswan-plugin-eap-dynamic install
    strongswan-plugin-eap-md5 install
    strongswan-plugin-eap-mschapv2 install
    strongswan-plugin-eap-peap install
    strongswan-plugin-eap-radius install
    strongswan-plugin-eap-tls install
    strongswan-plugin-eap-ttls install
    strongswan-plugin-error-notify install
    strongswan-plugin-openssl install
    strongswan-plugin-radattr install
    strongswan-plugin-sqlite install
    strongswan-plugin-xauth-eap install
    strongswan-plugin-xauth-generic install
    strongswan-plugin-xauth-noauth install
    strongswan-starter install
    Mint17-PC log #

    If anyone has this working please post your installed packages and/or whatever you hacked to get this working. Going to package maintainer site  now. I will post my resolution regardless. TIA~!



  • Hi

    Please see here: https://wiki.strongswan.org/issues/1062. It actually might work with the shipping 5.1.x binaries but I was already down the rabbit hole. Try this: Edit the /etc/NetworkManager/VPN/nm-strongswan-service.name file and under [GNOME] add "supports-external-ui-mode=true" without quotes. Create your connection using Network Connections in the NetworkManager applet. Invoke the connection and the save password dialog should popup. Otherwise follow the directions in the link above to build the package from source.

    This is only affecting Debian distros like Ubuntu and Mint. I tried many things including some ln -s to various places. If this does not work for you post back and we can find out what links need to be made.

    /M