Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP7:Update
NetworkManager-strongswan
README
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File README of Package NetworkManager-strongswan
NetworkManager allows configuration and control of VPN daemons through a plugin interface. We provide such a plugin for NetworkManager to configure road warrior clients for the most common setups. NetworkManager uses DBUS to communicate with a plugin loaded by the IKEv2 charon daemon. The plugin uses a certificate for gateway authentication and supports EAP and RSA authentication for client authentication. PSK is not supported, as it is considered insecure if the secrets are not strong enough. You can use any password based EAP method supported by strongSwan (MD5/GTC/MSCHAPv2) or private key authentication. Private keys are either stored in a file or accessed through your ready-to-use ssh-agent. You'll need a certificate matching that key. Starting with strongSwan 4.4.2 / NetworkManager-strongswan 1.2.0, private keys and certificates on a smartcard can be used. If you configure the gateway certificate directly on the clients, there are no requirements to the certificate. If you deploy CA certificates (supported in 4.3.1+), the gateway certificate will need a subjectAltName including the Hostname of the gateway (the same you enter in the clients configuration). Starting with version 4.3.5, you can also use preinstalled root CA certificates of your distribution, using the --with-nm-ca-dir configure option. Just don't specify any gateway/CA certificate to use preinstalled root certificates. CA certificates on a smartcard are automatically used.
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
