Support libreswan >= 4.0
On a recent upgrade to Fedora 33, my VPN stopped working. Checking the NetworkManager logs I found:
cannot load config '-': -:13: syntax error [leftxauthusername]
Apparently the use of leftxauthusername
is not valid anymore and we should use leftusername
instead. Quote from here:
The username associated with this connection. The username can be the IKEv2 XAUTH username, a GSSAPI username or IKEv2 CP username. For the XAUTH username, the XAUTH password can be configured in the ipsec.secrets file. This option was previously called leftxauthusername.
As far as I can tell, there are other options that have been changed as well but I do not know if NetworkManager-libreswan uses them:
-
ike_frag
is not accepted anymore. Is itfragmentation
now? -
remote_peer_type
isremote-peer-type
now - Possibly others
Furthermore, from here, libreswan offers a compile time option to permit the old style but this will be changed in version 4.4
Edited by Marc Deop