Strongswan upstream provides a NetworkManager plugin. Attached (along with a slight modification to net-misc/strongswan) is a first attempt at an ebuild for this plugin. Tested and working on an amd64 machine with net-misc/networkmanager-0.7.1-r6 and attached ebuild for net-misc/strongswan-4.3.3. Reproducible: Always Steps to Reproduce: N/A
Created attachment 201197 [details] Initial ebuild for networkmanager-strongswan-1.1.1
Created attachment 201199 [details] Slightly modified version of net-misc/strongswan, added networkmanager useflag the sets --enable-nm
I should also note that the ebuild is largely copied from the ebuild for networkmanager-openvpn.
I have an ebuild based on Neil's work and I can maintain it if
I have a working nm plugin for strongswan working and I can maintain it if someone proxy me. I already maintain some package in gentoo by proxy. Before that I just need the networkmanager USE flag added to >=strongswan-5.0.3 Don't bother adding it to earlier versions, there is a known bug with nm-0.9 solved in the lastest version. See http://wiki.strongswan.org/issues/294 Let me know. Cheers
Created attachment 345194 [details] strongswan networkmanager plugin ebuild This is what I'm using right now. I use it to connect to my work IPsec VPN. The server is strongswan 4.5.2 for the record.
*** Bug 487594 has been marked as a duplicate of this bug. ***
According to https://wiki.strongswan.org/projects/strongswan/wiki/NetworkManager libgnomeui is required to build this plugin. Add >=gnome-base/libgnomeui-2.24.5-r1 to RDEPEND. During compilation, it fails with main.c:43:2: error: ‘gnome_keyring_find_network_password_sync’ is deprecated (declared at /usr/include/gnome-keyring-1/gnome-keyring.h:551): Use 'SECRET_SCHEMA_COMPAT_NETWORK' instead [-Werror=deprecated-declarations] if (gnome_keyring_find_network_password_sync(g_get_user_name(), NULL, name, ^ As an ugly work around that build error, I temporarily added -Wno-deprecated-declarations to CFLAGS and CXXFLAGS in /etc/portage/make.conf. I know there is a way to do that in the ebuild, but I am not familiar with the syntax. With this ebuild, the plugin seems to work with strongswan 5.3.4 on the server and client, and with networkmanager 1.0.12 on the client.
For anybody stumbling across this: it seems that under some circumstances network manager can set up strongswan-based VPN connections (ie, using charon-nm) without requiring net-misc/networkmanager-strongswan... https://forums.gentoo.org/viewtopic-p-7929088.html#7929088
I've filled a PR. (In reply to rick vernam from comment #8) > According to > https://wiki.strongswan.org/projects/strongswan/wiki/NetworkManager > libgnomeui is required to build this plugin. > Add >=gnome-base/libgnomeui-2.24.5-r1 to RDEPEND. > Seems no longer needed? I can build fine without it.
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ad8a3f59bc0ee32420c2335f49208de5cf38d467 commit ad8a3f59bc0ee32420c2335f49208de5cf38d467 Author: Conrad Kostecki <conrad@kostecki.com> AuthorDate: 2018-06-24 12:36:35 +0000 Commit: Michał Górny <mgorny@gentoo.org> CommitDate: 2018-06-24 21:12:40 +0000 net-misc/networkmanager-strongswan: New package Closes: https://bugs.gentoo.org/571234 Closes: https://github.com/gentoo/gentoo/pull/7663 Package-Manager: Portage-2.3.40, Repoman-2.3.9 net-misc/networkmanager-strongswan/Manifest | 1 + net-misc/networkmanager-strongswan/metadata.xml | 15 ++++++++ .../networkmanager-strongswan-1.4.4.ebuild | 45 ++++++++++++++++++++++ 3 files changed, 61 insertions(+)