Package Details: libreswan 5.1-1

Git Clone URL: https://aur.archlinux.org/libreswan.git (read-only, click to copy)
Package Base: libreswan
Description: IPsec implementation with IKEv1 and IKEv2 keying protocols
Upstream URL: https://libreswan.org/
Keywords: ipsec
Licenses: GPL, MPL
Conflicts: freeswan, ipsec-tools, openswan, strongswan
Submitter: abique
Maintainer: cedricroijakkers
Last Packager: cedricroijakkers
Votes: 46
Popularity: 0.004822
First Submitted: 2014-03-07 08:29 (UTC)
Last Updated: 2024-10-30 11:11 (UTC)

Latest Comments

« First ‹ Previous 1 2 3 4 5 6 7 Next › Last »

oddy commented on 2020-05-20 10:59 (UTC)

@defts is a lifesaver. As mentioned in https://github.com/libreswan/libreswan/issues/342 nss needs to be downgraded. In my case I have downgraded from nss 3.52.1 to nss 3.51.1-1 and rebuilt libreswan. This fixes the issue.

defts commented on 2020-05-20 09:40 (UTC) (edited on 2020-05-20 09:40 (UTC) by defts)

@squalou @oddy

same issue here
for a quick fix, you can downgrade nss to 3.51 and rebuild libreswan

downgrade nss 
yay --rebuild libreswan

i post that reponse here https://github.com/libreswan/libreswan/issues/342

squalou commented on 2020-05-20 09:33 (UTC) (edited on 2020-05-20 11:04 (UTC) by squalou)

issue here too with l2tp psk, and libreswan 3.32-1

Job for ipsec.service failed because a fatal signal was delivered causing the control process to dump core.

ipsec fails to start

downgrading do 3.31-1 ... does not help so far :( previous versions do not compile anymore

=> move to strongswan instead, which works in my case

oddy commented on 2020-05-20 07:54 (UTC)

the latest update of libreswan, 3.32-1 breaks XAUTH VPN for me with an exception

May 20 17:35:18 miniattic pluto[4467]: ABORT: ASSERTION FAILED: test_gcm_vectors(&ike_alg_encrypt_aes_gcm_16, aes_gcm_tests) (in test_ike_alg() at ike_alg_test.c:41)

This means I can no longer work from home. I will try to downgrade the package. I do not know if it's an upstream issue or not.

heapifyman commented on 2020-03-16 17:12 (UTC) (edited on 2020-04-01 08:06 (UTC) by heapifyman)

@tapia @tatumkhamun thanks.

I can connect to VPN again if I either switch to strongswan or adapt the phase 1 algorithm settings.

Unfortunately I am still not able to ssh into machines on the VPN. Although mounting network drives from the VPN does work...

I also had to change Identity → PPP Settings... → MTU to a value of 1200 to be able to use SSH again.

tapia commented on 2020-03-16 16:51 (UTC)

@heapifyman I meant adapting the phase1 algorithm setting.

tatumkhamun commented on 2020-03-16 14:55 (UTC)

@heapify that is the strongswan I downloaded. The only other package I had installed was networkmanager-l2tp so that it interfaced with the network manager. Everything else was then plugin and play.

heapifyman commented on 2020-03-16 13:55 (UTC) (edited on 2020-03-16 13:56 (UTC) by heapifyman)

@tatumkhamun Did you use the default strongswan package from here https://www.archlinux.org/packages/community/x86_64/strongswan/ or something from AUR?

Did you need to install any other packages? I currently use

in addition to libreswan.

heapifyman commented on 2020-03-16 13:51 (UTC)

@tapia which workaround do you mean? Adapting the phase1 algorithm settings or switching to strongswan?

tatumkhamun commented on 2020-03-16 09:19 (UTC)

@heapifyman Not exactly a solution, but I was able to get everything working by swapping to strongswan for now, as this was a time sensitive issue for me.

« First ‹ Previous 1 2 3 4 5 6 7 Next › Last »