Re: [strongSwan] revisiting problem with linux to VPN using network-manager-strongswan 1.4.5-2.1
Hello David, Yes, that shows that it is working. Kind regards Noel Am 28.07.21 um 22:31 schrieb David H Durgee: I did a bit more checking and found references to "ip xfrm policy list" and "ip xfrm state list" as possible sources of the confirmation of operation I am seeking. I ran these commands with the VPN up and have attached the output of these commands. I am not trained in reading these reports, but what I see does appear to indicate that the VPN is indeed functioning and handling the traffic as requested. If someone who is trained could confirm this for me I would appreciate it. Dave Noel Kuntze wrote: Hello David, strongSwan by default builds policy based tunnels, not route based tunnels. Thus no interface is needed or created. Read up on how IPsec works on the wiki to get an understanding for it. GUI indicators are not inherently related to if any tunnel exists, or works. Kind regards Noel Am 01.07.21 um 20:31 schrieb David H Durgee: I thought it might make sense to revisit this after the progress that has been made. It now appears that the connection is being established: Jun 29 11:21:34 Z560 charon-nm: 11[IKE] authentication of 'durgeeenterprises.publicvm.com' with EAP successful Jun 29 11:21:34 Z560 charon-nm: 11[IKE] IKE_SA Durgee Enterprises, LLC[7] established between 192.168.1.114[dhdurgee]...108.31.28.59[durgeeenterprises.publicvm.com] Jun 29 11:21:34 Z560 charon-nm: 11[IKE] scheduling rekeying in 35705s Jun 29 11:21:34 Z560 charon-nm: 11[IKE] maximum IKE_SA lifetime 36305s Jun 29 11:21:34 Z560 charon-nm: 11[IKE] installing new virtual IP 10.10.10.1 Jun 29 11:21:34 Z560 avahi-daemon[750]: Registering new address record for 10.10.10.1 on wlp5s0.IPv4. Jun 29 11:21:34 Z560 charon-nm: 11[CFG] selected proposal: ESP:AES_CBC_256/HMAC_SHA1_96/NO_EXT_SEQ Jun 29 11:21:34 Z560 charon-nm: 11[IKE] CHILD_SA Durgee Enterprises, LLC{4} established with SPIs c8cad4e5_i c3f2eec4_o and TS 10.10.10.1/32 === 0.0.0.0/0 Jun 29 11:21:34 Z560 charon-nm: 11[IKE] peer supports MOBIKE Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.6991] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP Config Get) reply received. Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.6997] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN plugin: state changed: started (4) Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.6997] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP4 Config Get) reply received Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: VPN Gateway: 108.31.28.59 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Tunnel Device: (null) Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: IPv4 configuration: Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Address: 10.10.10.1 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Prefix: 32 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Point-to-Point Address: 10.10.10.1 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal DNS: 8.8.8.8 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal DNS: 8.8.4.4 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: DNS Domain: '(none)' Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: No IPv6 configuration Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7013] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP Config Get) complete Unfortunately I am not seeing a tunnel interface being created and routing added: enp6s0: flags=4163 mtu 1500 ether b8:70:f4:2c:6b:9f txqueuelen 1000 (Ethernet) RX packets 1143393 bytes 1164336056 (
Re: [strongSwan] revisiting problem with linux to VPN using network-manager-strongswan 1.4.5-2.1
I did a bit more checking and found references to "ip xfrm policy list" and "ip xfrm state list" as possible sources of the confirmation of operation I am seeking. I ran these commands with the VPN up and have attached the output of these commands. I am not trained in reading these reports, but what I see does appear to indicate that the VPN is indeed functioning and handling the traffic as requested. If someone who is trained could confirm this for me I would appreciate it. Dave Noel Kuntze wrote: Hello David, strongSwan by default builds policy based tunnels, not route based tunnels. Thus no interface is needed or created. Read up on how IPsec works on the wiki to get an understanding for it. GUI indicators are not inherently related to if any tunnel exists, or works. Kind regards Noel Am 01.07.21 um 20:31 schrieb David H Durgee: I thought it might make sense to revisit this after the progress that has been made. It now appears that the connection is being established: Jun 29 11:21:34 Z560 charon-nm: 11[IKE] authentication of 'durgeeenterprises.publicvm.com' with EAP successful Jun 29 11:21:34 Z560 charon-nm: 11[IKE] IKE_SA Durgee Enterprises, LLC[7] established between 192.168.1.114[dhdurgee]...108.31.28.59[durgeeenterprises.publicvm.com] Jun 29 11:21:34 Z560 charon-nm: 11[IKE] scheduling rekeying in 35705s Jun 29 11:21:34 Z560 charon-nm: 11[IKE] maximum IKE_SA lifetime 36305s Jun 29 11:21:34 Z560 charon-nm: 11[IKE] installing new virtual IP 10.10.10.1 Jun 29 11:21:34 Z560 avahi-daemon[750]: Registering new address record for 10.10.10.1 on wlp5s0.IPv4. Jun 29 11:21:34 Z560 charon-nm: 11[CFG] selected proposal: ESP:AES_CBC_256/HMAC_SHA1_96/NO_EXT_SEQ Jun 29 11:21:34 Z560 charon-nm: 11[IKE] CHILD_SA Durgee Enterprises, LLC{4} established with SPIs c8cad4e5_i c3f2eec4_o and TS 10.10.10.1/32 === 0.0.0.0/0 Jun 29 11:21:34 Z560 charon-nm: 11[IKE] peer supports MOBIKE Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.6991] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP Config Get) reply received. Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.6997] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN plugin: state changed: started (4) Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.6997] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP4 Config Get) reply received Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: VPN Gateway: 108.31.28.59 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Tunnel Device: (null) Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: IPv4 configuration: Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Address: 10.10.10.1 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Prefix: 32 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Point-to-Point Address: 10.10.10.1 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal DNS: 8.8.8.8 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal DNS: 8.8.4.4 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: DNS Domain: '(none)' Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: No IPv6 configuration Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7013] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP Config Get) complete Unfortunately I am not seeing a tunnel interface being created and routing added: enp6s0: flags=4163 mtu 1500 ether b8:70:f4:2c:6b:9f txqueuelen 1000 (Ethernet) RX packets 1143393 bytes 1164336056 (1.1 GB) RX errors 0 dropped 20 overruns 0 frame 0 TX packets 912738 bytes 112966285 (
Re: [strongSwan] revisiting problem with linux to VPN using network-manager-strongswan 1.4.5-2.1
I have done a little more looking around and would like to know if what I am seeing from nmcli confirms proper operation of my strongswan VPN. Here is what I see with wifi up but not the VPN: wlp5s0: connected to Auto Free WiFi by Karma "Broadcom and subsidiaries BCM4313" wifi (wl), AC:81:12:A4:5E:43, hw, mtu 1500 ip4 default inet4 192.168.1.114/24 route4 0.0.0.0/0 route4 192.168.1.0/24 route4 169.254.0.0/16 route4 192.168.1.0/24 inet6 fe80::562f:7604:6d84:57ca/64 route6 fe80::/64 enp6s0: disconnected "Realtek RTL810xE" 1 connection available ethernet (r8169), B8:70:F4:2C:6B:9F, autoconnect, hw, mtu 1500 lo: unmanaged "lo" loopback (unknown), 00:00:00:00:00:00, sw, mtu 65536 DNS configuration: servers: 192.168.1.1 interface: wlp5s0 When I enable the VPN this changes to show: Durgee Enterprises, LLC VPN connection master wlp5s0, VPN inet4 10.10.10.1/32 wlp5s0: connected to Auto Free WiFi by Karma "Broadcom and subsidiaries BCM4313" wifi (wl), AC:81:12:A4:5E:43, hw, mtu 1500 ip4 default inet4 192.168.1.114/24 inet4 10.10.10.1/32 route4 0.0.0.0/0 route4 192.168.1.0/24 route4 169.254.0.0/16 route4 192.168.1.0/24 route4 0.0.0.0/0 inet6 fe80::562f:7604:6d84:57ca/64 route6 fe80::/64 enp6s0: disconnected "Realtek RTL810xE" 1 connection available ethernet (r8169), B8:70:F4:2C:6B:9F, autoconnect, hw, mtu 1500 lo: unmanaged "lo" loopback (unknown), 00:00:00:00:00:00, sw, mtu 65536 DNS configuration: servers: 8.8.8.8 8.8.4.4 interface: wlp5s0 type: vpn servers: 192.168.1.1 interface: wlp5s0 Does this confirm proper operation of the VPN? If not, what other command will confirm it for me? Assuming this does indeed indicate proper operation of the VPN I will contact support for the applet that fails to indicate the VPN in proper operation for them to correct their display. Dave Noel Kuntze wrote: Hello David, strongSwan by default builds policy based tunnels, not route based tunnels. Thus no interface is needed or created. Read up on how IPsec works on the wiki to get an understanding for it. GUI indicators are not inherently related to if any tunnel exists, or works. Kind regards Noel Am 01.07.21 um 20:31 schrieb David H Durgee: I thought it might make sense to revisit this after the progress that has been made. It now appears that the connection is being established: Jun 29 11:21:34 Z560 charon-nm: 11[IKE] authentication of 'durgeeenterprises.publicvm.com' with EAP successful Jun 29 11:21:34 Z560 charon-nm: 11[IKE] IKE_SA Durgee Enterprises, LLC[7] established between 192.168.1.114[dhdurgee]...108.31.28.59[durgeeenterprises.publicvm.com] Jun 29 11:21:34 Z560 charon-nm: 11[IKE] scheduling rekeying in 35705s Jun 29 11:21:34 Z560 charon-nm: 11[IKE] maximum IKE_SA lifetime 36305s Jun 29 11:21:34 Z560 charon-nm: 11[IKE] installing new virtual IP 10.10.10.1 Jun 29 11:21:34 Z560 avahi-daemon[750]: Registering new address record for 10.10.10.1 on wlp5s0.IPv4. Jun 29 11:21:34 Z560 charon-nm: 11[CFG] selected proposal: ESP:AES_CBC_256/HMAC_SHA1_96/NO_EXT_SEQ Jun 29 11:21:34 Z560 charon-nm: 11[IKE] CHILD_SA Durgee Enterprises, LLC{4} established with SPIs c8cad4e5_i c3f2eec4_o and TS 10.10.10.1/32 === 0.0.0.0/0 Jun 29 11:21:34 Z560 charon-nm: 11[IKE] peer supports MOBIKE Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.6991] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP Config Get) reply received. Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.6997] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN plugin: state changed: started (4) Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.6997] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP4 Config Get) reply received Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: VPN Gateway: 108.31.28.59 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Tunnel Device: (null) Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: IPv4 configuration: Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Address: 10.10.10.1 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Prefix: 32 Jun 29 11:2
Re: [strongSwan] revisiting problem with linux to VPN using network-manager-strongswan 1.4.5-2.1
I am replying to my own post as I just noticed in the extract from syslog that the VPN does NOT appear to be working properly, as I just noticed that the VPN is be deactivated a few seconds after being established for some unknown reason. Is this extract sufficient for someone to tell me how to fix this? If not, what additional information do you need, either from the laptop or the server? I believe I have posted configuration files from both sides in this thread, but let me know if you need more information. Dave David H Durgee wrote: I brought up the VPN over a WiFi connection this morning for a few minutes in hopes of confirming it is operating correctly and securing the internet traffic. Here are results in the terminal window: dhdurgee@z560:~/Downloads$ ip rule 0: from all lookup local 220: from all lookup 220 32766: from all lookup main 32767: from all lookup default dhdurgee@z560:~/Downloads$ ip route default via 192.168.1.1 dev wlp5s0 proto dhcp metric 600 169.254.0.0/16 dev wlp5s0 scope link metric 1000 192.168.1.0/24 dev wlp5s0 proto kernel scope link src 192.168.1.114 metric 600 dhdurgee@z560:~/Downloads$ ifconfig enp6s0: flags=4163 mtu 1500 ether b8:70:f4:2c:6b:9f txqueuelen 1000 (Ethernet) RX packets 6620471 bytes 6659611738 (6.6 GB) RX errors 0 dropped 113 overruns 0 frame 0 TX packets 5400612 bytes 627288507 (627.2 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73 mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10 loop txqueuelen 1000 (Local Loopback) RX packets 607593 bytes 59022846 (59.0 MB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 607593 bytes 59022846 (59.0 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 wlp5s0: flags=4163 mtu 1500 inet 192.168.1.114 netmask 255.255.255.0 broadcast 192.168.1.255 inet6 fe80::562f:7604:6d84:57ca prefixlen 64 scopeid 0x20 ether ac:81:12:a4:5e:43 txqueuelen 1000 (Ethernet) RX packets 6987 bytes 5181997 (5.1 MB) RX errors 0 dropped 0 overruns 0 frame 77207 TX packets 7967 bytes 1225749 (1.2 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 device interrupt 17 dhdurgee@z560:~/Downloads$ route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default _gateway 0.0.0.0 UG 600 0 0 wlp5s0 link-local 0.0.0.0 255.255.0.0 U 1000 0 0 wlp5s0 192.168.1.0 0.0.0.0 255.255.255.0 U 600 0 0 wlp5s0 dhdurgee@z560:~/Downloads$ Here is an extract from my syslog: Jul 6 11:50:46 Z560 NetworkManager[758]: [1625586646.5967] manager: rfkill: Wi-Fi hardware radio set enabled Jul 6 11:50:46 Z560 NetworkManager[758]: [1625586646.5985] audit: op="radio-control" arg="wireless-enabled" pid=83 uid=1000 result="success" Jul 6 11:50:46 Z560 charon-nm: 11[KNL] interface wlp5s0 activated Jul 6 11:50:46 Z560 systemd[1]: Starting Load/Save RF Kill Switch Status... Jul 6 11:50:46 Z560 systemd[1]: Started Load/Save RF Kill Switch Status. Jul 6 11:50:46 Z560 wpa_supplicant[818]: dbus: fill_dict_with_properties dbus_interface=fi.w1.wpa_supplicant1.Interface.P2PDevice dbus_property=P2PDeviceConfig getter failed Jul 6 11:50:46 Z560 NetworkManager[758]: [1625586646.6794] sup-iface[0x562fdb83d4e0,wlp5s0]: supports 1 scan SSIDs Jul 6 11:50:46 Z560 NetworkManager[758]: [1625586646.6808] device (wlp5s0): supplicant interface state: starting -> ready Jul 6 11:50:46 Z560 NetworkManager[758]: [1625586646.6813] device (wlp5s0): state change: unavailable -> disconnected (reason 'supplicant-available', sys-iface-state: 'managed') Jul 6 11:50:46 Z560 wpa_supplicant[818]: wlp5s0: CTRL-EVENT-SCAN-FAILED ret=-22 Jul 6 11:50:46 Z560 kernel: [706888.708759] ERROR @wl_cfg80211_scan : Jul 6 11:50:46 Z560 kernel: [706888.708762] WLC_SCAN error (-22) Jul 6 11:50:48 Z560 NetworkManager[758]: [1625586648.4559] manager: rfkill: Wi-Fi now enabled by radio killswitch Jul 6 11:50:49 Z560 systemd[1]: NetworkManager-dispatcher.service: Succeeded. Jul 6 11:50:50 Z560 NetworkManager[758]: [1625586650.2774] policy: auto-activating connection 'Auto Free WiFi by Karma' (3ccc719b-3616-44f7-a914-8c7d0344c87a) Jul 6 11:50:50 Z560 NetworkManager[758]: [1625586650.2819] device (wlp5s0): Activation: starting connection 'Auto Free WiFi by Karma' (3ccc719b-3616-44f7-a914-8c7d0344c87a) Jul 6 11:50:50 Z560 NetworkManager[758]: [1625586650.2834] device (wlp5s0): state change: disconnected -> prepare (reason 'none', sys-iface-state: 'managed') Jul 6 11:50:50 Z560 NetworkManager[758]: [1625586650.2891] manager: NetworkManager state is now CONNECTING Jul 6 11:50:50 Z560 NetworkManager[758]: [1625586650.2955] device (wlp5s0): sta
Re: [strongSwan] revisiting problem with linux to VPN using network-manager-strongswan 1.4.5-2.1
I brought up the VPN over a WiFi connection this morning for a few minutes in hopes of confirming it is operating correctly and securing the internet traffic. Here are results in the terminal window: dhdurgee@z560:~/Downloads$ ip rule 0: from all lookup local 220: from all lookup 220 32766: from all lookup main 32767: from all lookup default dhdurgee@z560:~/Downloads$ ip route default via 192.168.1.1 dev wlp5s0 proto dhcp metric 600 169.254.0.0/16 dev wlp5s0 scope link metric 1000 192.168.1.0/24 dev wlp5s0 proto kernel scope link src 192.168.1.114 metric 600 dhdurgee@z560:~/Downloads$ ifconfig enp6s0: flags=4163 mtu 1500 ether b8:70:f4:2c:6b:9f txqueuelen 1000 (Ethernet) RX packets 6620471 bytes 6659611738 (6.6 GB) RX errors 0 dropped 113 overruns 0 frame 0 TX packets 5400612 bytes 627288507 (627.2 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73 mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10 loop txqueuelen 1000 (Local Loopback) RX packets 607593 bytes 59022846 (59.0 MB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 607593 bytes 59022846 (59.0 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 wlp5s0: flags=4163 mtu 1500 inet 192.168.1.114 netmask 255.255.255.0 broadcast 192.168.1.255 inet6 fe80::562f:7604:6d84:57ca prefixlen 64 scopeid 0x20 ether ac:81:12:a4:5e:43 txqueuelen 1000 (Ethernet) RX packets 6987 bytes 5181997 (5.1 MB) RX errors 0 dropped 0 overruns 0 frame 77207 TX packets 7967 bytes 1225749 (1.2 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 device interrupt 17 dhdurgee@z560:~/Downloads$ route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default _gateway 0.0.0.0 UG 600 0 0 wlp5s0 link-local 0.0.0.0 255.255.0.0 U 1000 0 0 wlp5s0 192.168.1.0 0.0.0.0 255.255.255.0 U 600 0 0 wlp5s0 dhdurgee@z560:~/Downloads$ Here is an extract from my syslog: Jul 6 11:50:46 Z560 NetworkManager[758]: [1625586646.5967] manager: rfkill: Wi-Fi hardware radio set enabled Jul 6 11:50:46 Z560 NetworkManager[758]: [1625586646.5985] audit: op="radio-control" arg="wireless-enabled" pid=83 uid=1000 result="success" Jul 6 11:50:46 Z560 charon-nm: 11[KNL] interface wlp5s0 activated Jul 6 11:50:46 Z560 systemd[1]: Starting Load/Save RF Kill Switch Status... Jul 6 11:50:46 Z560 systemd[1]: Started Load/Save RF Kill Switch Status. Jul 6 11:50:46 Z560 wpa_supplicant[818]: dbus: fill_dict_with_properties dbus_interface=fi.w1.wpa_supplicant1.Interface.P2PDevice dbus_property=P2PDeviceConfig getter failed Jul 6 11:50:46 Z560 NetworkManager[758]: [1625586646.6794] sup-iface[0x562fdb83d4e0,wlp5s0]: supports 1 scan SSIDs Jul 6 11:50:46 Z560 NetworkManager[758]: [1625586646.6808] device (wlp5s0): supplicant interface state: starting -> ready Jul 6 11:50:46 Z560 NetworkManager[758]: [1625586646.6813] device (wlp5s0): state change: unavailable -> disconnected (reason 'supplicant-available', sys-iface-state: 'managed') Jul 6 11:50:46 Z560 wpa_supplicant[818]: wlp5s0: CTRL-EVENT-SCAN-FAILED ret=-22 Jul 6 11:50:46 Z560 kernel: [706888.708759] ERROR @wl_cfg80211_scan : Jul 6 11:50:46 Z560 kernel: [706888.708762] WLC_SCAN error (-22) Jul 6 11:50:48 Z560 NetworkManager[758]: [1625586648.4559] manager: rfkill: Wi-Fi now enabled by radio killswitch Jul 6 11:50:49 Z560 systemd[1]: NetworkManager-dispatcher.service: Succeeded. Jul 6 11:50:50 Z560 NetworkManager[758]: [1625586650.2774] policy: auto-activating connection 'Auto Free WiFi by Karma' (3ccc719b-3616-44f7-a914-8c7d0344c87a) Jul 6 11:50:50 Z560 NetworkManager[758]: [1625586650.2819] device (wlp5s0): Activation: starting connection 'Auto Free WiFi by Karma' (3ccc719b-3616-44f7-a914-8c7d0344c87a) Jul 6 11:50:50 Z560 NetworkManager[758]: [1625586650.2834] device (wlp5s0): state change: disconnected -> prepare (reason 'none', sys-iface-state: 'managed') Jul 6 11:50:50 Z560 NetworkManager[758]: [1625586650.2891] manager: NetworkManager state is now CONNECTING Jul 6 11:50:50 Z560 NetworkManager[758]: [1625586650.2955] device (wlp5s0): state change: prepare -> config (reason 'none', sys-iface-state: 'managed') Jul 6 11:50:50 Z560 NetworkManager[758]: [1625586650.2994] device (wlp5s0): Activation: (wifi) connection 'Auto Free WiFi by Karma' requires no security. No secrets needed. Jul 6 11:50:50 Z560 NetworkManager[758]: [1625586650.2997] Config: added 'ssid' value 'Free WiFi by Karma' Jul 6 11:50:50 Z560 NetworkManager[758]: [1625586650.2998] Config: added 'scan_ssid' value '1' Jul 6 11:50:50 Z560 NetworkManager[758]: [1625586650.2999] Config: added 'bgscan' value 'simple:3
Re: [strongSwan] revisiting problem with linux to VPN using network-manager-strongswan 1.4.5-2.1
So strongSwan works differently than the vpn I was using previously. Fine. I see in the log messages that appear to indicate that the tunnel was successfully established. How can I confirm that the configuration is working to secure all internet traffic via the WiFi connection? I assume that there are some commands that I could issue in a linux terminal window whose output would assure me of this. In the case of the previous vpn it created a tun interface and routed traffic to that interface, which could be confirmed with the ifconfig and route commands. What commands would show me confirmation that my internet traffic is being properly encrypted? I do not at present have the full strongSwan package installed on the laptop, only the packages that work with NetworkManager. I can install additional packages if necessary, but would need to be sure that doing so would not undo work already done to reach the current point of successful connection. Dave Noel Kuntze wrote: Hello David, strongSwan by default builds policy based tunnels, not route based tunnels. Thus no interface is needed or created. Read up on how IPsec works on the wiki to get an understanding for it. GUI indicators are not inherently related to if any tunnel exists, or works. Kind regards Noel Am 01.07.21 um 20:31 schrieb David H Durgee: I thought it might make sense to revisit this after the progress that has been made. It now appears that the connection is being established: Jun 29 11:21:34 Z560 charon-nm: 11[IKE] authentication of 'durgeeenterprises.publicvm.com' with EAP successful Jun 29 11:21:34 Z560 charon-nm: 11[IKE] IKE_SA Durgee Enterprises, LLC[7] established between 192.168.1.114[dhdurgee]...108.31.28.59[durgeeenterprises.publicvm.com] Jun 29 11:21:34 Z560 charon-nm: 11[IKE] scheduling rekeying in 35705s Jun 29 11:21:34 Z560 charon-nm: 11[IKE] maximum IKE_SA lifetime 36305s Jun 29 11:21:34 Z560 charon-nm: 11[IKE] installing new virtual IP 10.10.10.1 Jun 29 11:21:34 Z560 avahi-daemon[750]: Registering new address record for 10.10.10.1 on wlp5s0.IPv4. Jun 29 11:21:34 Z560 charon-nm: 11[CFG] selected proposal: ESP:AES_CBC_256/HMAC_SHA1_96/NO_EXT_SEQ Jun 29 11:21:34 Z560 charon-nm: 11[IKE] CHILD_SA Durgee Enterprises, LLC{4} established with SPIs c8cad4e5_i c3f2eec4_o and TS 10.10.10.1/32 === 0.0.0.0/0 Jun 29 11:21:34 Z560 charon-nm: 11[IKE] peer supports MOBIKE Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.6991] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP Config Get) reply received. Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.6997] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN plugin: state changed: started (4) Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.6997] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP4 Config Get) reply received Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: VPN Gateway: 108.31.28.59 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Tunnel Device: (null) Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: IPv4 configuration: Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Address: 10.10.10.1 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Prefix: 32 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Point-to-Point Address: 10.10.10.1 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal DNS: 8.8.8.8 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal DNS: 8.8.4.4 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: DNS Domain: '(none)' Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: No IPv6 configuration Jun 29 11:21:34 Z560 NetworkManager[758]:
Re: [strongSwan] revisiting problem with linux to VPN using network-manager-strongswan 1.4.5-2.1
Hello David, strongSwan by default builds policy based tunnels, not route based tunnels. Thus no interface is needed or created. Read up on how IPsec works on the wiki to get an understanding for it. GUI indicators are not inherently related to if any tunnel exists, or works. Kind regards Noel Am 01.07.21 um 20:31 schrieb David H Durgee: I thought it might make sense to revisit this after the progress that has been made. It now appears that the connection is being established: Jun 29 11:21:34 Z560 charon-nm: 11[IKE] authentication of 'durgeeenterprises.publicvm.com' with EAP successful Jun 29 11:21:34 Z560 charon-nm: 11[IKE] IKE_SA Durgee Enterprises, LLC[7] established between 192.168.1.114[dhdurgee]...108.31.28.59[durgeeenterprises.publicvm.com] Jun 29 11:21:34 Z560 charon-nm: 11[IKE] scheduling rekeying in 35705s Jun 29 11:21:34 Z560 charon-nm: 11[IKE] maximum IKE_SA lifetime 36305s Jun 29 11:21:34 Z560 charon-nm: 11[IKE] installing new virtual IP 10.10.10.1 Jun 29 11:21:34 Z560 avahi-daemon[750]: Registering new address record for 10.10.10.1 on wlp5s0.IPv4. Jun 29 11:21:34 Z560 charon-nm: 11[CFG] selected proposal: ESP:AES_CBC_256/HMAC_SHA1_96/NO_EXT_SEQ Jun 29 11:21:34 Z560 charon-nm: 11[IKE] CHILD_SA Durgee Enterprises, LLC{4} established with SPIs c8cad4e5_i c3f2eec4_o and TS 10.10.10.1/32 === 0.0.0.0/0 Jun 29 11:21:34 Z560 charon-nm: 11[IKE] peer supports MOBIKE Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.6991] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP Config Get) reply received. Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.6997] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN plugin: state changed: started (4) Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.6997] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP4 Config Get) reply received Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: VPN Gateway: 108.31.28.59 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Tunnel Device: (null) Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: IPv4 configuration: Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Address: 10.10.10.1 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Prefix: 32 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Point-to-Point Address: 10.10.10.1 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal DNS: 8.8.8.8 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal DNS: 8.8.4.4 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: DNS Domain: '(none)' Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: No IPv6 configuration Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7013] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP Config Get) complete Unfortunately I am not seeing a tunnel interface being created and routing added: enp6s0: flags=4163 mtu 1500 ether b8:70:f4:2c:6b:9f txqueuelen 1000 (Ethernet) RX packets 1143393 bytes 1164336056 (1.1 GB) RX errors 0 dropped 20 overruns 0 frame 0 TX packets 912738 bytes 112966285 (112.9 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73 mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10 loop txqueuelen 1000 (Local Loopback) RX packets 95404 bytes 9207887 (9.2 MB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 95404 bytes 9207887 (9.2 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 wlp5s0: flags=4163 mtu 1500 inet 192.168.1.114 netmask 255.2
[strongSwan] revisiting problem with linux to VPN using network-manager-strongswan 1.4.5-2.1
I thought it might make sense to revisit this after the progress that has been made. It now appears that the connection is being established: Jun 29 11:21:34 Z560 charon-nm: 11[IKE] authentication of 'durgeeenterprises.publicvm.com' with EAP successful Jun 29 11:21:34 Z560 charon-nm: 11[IKE] IKE_SA Durgee Enterprises, LLC[7] established between 192.168.1.114[dhdurgee]...108.31.28.59[durgeeenterprises.publicvm.com] Jun 29 11:21:34 Z560 charon-nm: 11[IKE] scheduling rekeying in 35705s Jun 29 11:21:34 Z560 charon-nm: 11[IKE] maximum IKE_SA lifetime 36305s Jun 29 11:21:34 Z560 charon-nm: 11[IKE] installing new virtual IP 10.10.10.1 Jun 29 11:21:34 Z560 avahi-daemon[750]: Registering new address record for 10.10.10.1 on wlp5s0.IPv4. Jun 29 11:21:34 Z560 charon-nm: 11[CFG] selected proposal: ESP:AES_CBC_256/HMAC_SHA1_96/NO_EXT_SEQ Jun 29 11:21:34 Z560 charon-nm: 11[IKE] CHILD_SA Durgee Enterprises, LLC{4} established with SPIs c8cad4e5_i c3f2eec4_o and TS 10.10.10.1/32 === 0.0.0.0/0 Jun 29 11:21:34 Z560 charon-nm: 11[IKE] peer supports MOBIKE Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.6991] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP Config Get) reply received. Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.6997] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN plugin: state changed: started (4) Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.6997] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP4 Config Get) reply received Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: VPN Gateway: 108.31.28.59 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Tunnel Device: (null) Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: IPv4 configuration: Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Address: 10.10.10.1 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Prefix: 32 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Point-to-Point Address: 10.10.10.1 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal DNS: 8.8.8.8 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal DNS: 8.8.4.4 Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: DNS Domain: '(none)' Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: No IPv6 configuration Jun 29 11:21:34 Z560 NetworkManager[758]: [1624980094.7013] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP Config Get) complete Unfortunately I am not seeing a tunnel interface being created and routing added: enp6s0: flags=4163 mtu 1500 ether b8:70:f4:2c:6b:9f txqueuelen 1000 (Ethernet) RX packets 1143393 bytes 1164336056 (1.1 GB) RX errors 0 dropped 20 overruns 0 frame 0 TX packets 912738 bytes 112966285 (112.9 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73 mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10 loop txqueuelen 1000 (Local Loopback) RX packets 95404 bytes 9207887 (9.2 MB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 95404 bytes 9207887 (9.2 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 wlp5s0: flags=4163 mtu 1500 inet 192.168.1.114 netmask 255.255.255.0 broadcast 192.168.1.255 inet6 fe80::562f:7604:6d84:57ca prefixlen 64 scopeid 0x20 ether ac:81:12:a4:5e:43 txqueuelen 1000 (Ethernet) RX packets 5644 bytes 4264877 (4.2 MB) RX errors 0 dropped 0 overruns 0 frame 62520 TX packets 6377 bytes 1007195 (1.0 MB) TX errors 0 dropp