NetworkManager, openswan and l2tp

Dan Williams dcbw at redhat.com
Fri Aug 26 20:48:01 UTC 2011 

On Fri, 2011-08-26 at 11:50 -0400, Avesh Agarwal wrote:
> On 08/26/2011 05:09 AM, Eberhard Schruefer wrote:
> > On 08/25/2011 13:57 -0500,  Dan Williams wrote:
> >
> > On Thu, 2011-08-25 at 11:00 +0200, Eberhard Schruefer wrote:
> >>>>   Hello,
> >>>>>   I need to connect to a site via l2tp/openswan. I can set up
> >>> openswan and
> >>>>   xl2tpd
> >>>>   manually and this works fine. However, bringing up the connection
> >>> is not
> >>>>   very
> >>>>   comfortable and it would be much nicer to be able to use the
> >>>>   networkmanager-openswan
> >>>>   plugin.
> >>>>   Unfortunately, l2tp and other 'advanced settings' cannot be
> >>> selected from
> >>>>   networkmanager-connection-editor. A quick look at the source code of
> >>>>   NetworkManager-openswan-1.7.0 shows that these options are
> >>> programmed,
> >>>>   but seem not to be available in Fedora 15.
> >> Which openswan sources are you looking at?
> > I'm referring to the networkmanager-openswan plugin source written by
> > Alexander Dorokhov
> > (hosted on xelerance). It seems that everything necessary to be set
> > through the UI is there and
> > also the code for bringing up xl2tpd. However, it looks like that
> > openswan itself has to be
> > compiled with HAVE_STATSD. It would be great if we could all have that
> > in FEDORA!
> HAVE_STATSD is disabled by openswan upstream by default. If the option 
> is enabled upstream in a future release,it will be in Fedora too.
> >>>>   Will these options eventually be set-able in Fedora?
> >> It's probable they will be but it might take some work.  AFAIK there
> >> isn't yet an L2TP VPN plugin for NM though I've heard of people working
> >> on one.
> >>
> >>>>   Would converting the glade file in NetworkManager-openswan-1.7.0 to
> >>>>   gtkbuilder
> >>>>   and a recompile of networkmanager-openswan suffice?
> >> As part of the NM 0.9 push we moved the existing NM-openvpn plugin to
> >> git.gnome.org and cleaned it up, including converting to GtkBuilder.
> >> But that alone wouldn't magically make L2TP work unless the right
> >> options were added to the UI.
> > I think to vaguely remember that these options were available in very
> > early releases of the openswan
> > networkmanager plugin, but disappeared in later versions. What was
> > reason for that?
> The red hat implementation hosted at git.gnome.org never had L2TP 
> options, and so these option were never in Fedora.

Would be cool if we could add it though...  TBH I'm not actually
familiar with how the layering works with L2TP, since I thought it was
more standalone like PPTP but just somehow better.  My lack of knowledge
about L2TP could fill a barrel, simply because I haven't had time to
investigate.  If others know more, by all means, help us out with
patches.

Dan

> >
> > Eberhard
> -- 
> Thanks and Regards
> Avesh
>

More information about the devel mailing list