Yast VPN Opensuse 15.6

tommyrich · September 23, 2025, 12:11pm

Wanting to get strongswan to work with YAST VPN server.
I’ve kind of followed this OpenSuse Forum page

. I’ve tried testing it with Windows 8 and on a Android Cellphone with strongSwan App. No connection
I just find there is very little out there to do with using YAST VPN , which I would like to stick to, as it has the monitoring support.

conn androidipsec
auto = add
keyexchange = ikev1
left = %defaultroute
leftauth = psk
leftsubnet = 0.0.0.0/0
right = %any
rightauth = psk
rightauth2 = xauth
rightsourceip = 192.168.1.3 192.168.100.0/24
fragmentation = yes
dpdaction = clear
dpdtimeout = 600
dpddelay = 60
conn windows
auto = add
keyexchange = ikev2
rekey = no
left = %defaultroute
leftcert = /etc/ipsec.d/certs/serverCert.pem
leftauth = pubkey
leftsubnet = 0.0.0.0/0
right = %any
rightsendcert = never
rightauth = eap-mschapv2
rightsourceip = 192.168.1.3 192.168.1.200-192.168.1.240
eap_identity = %any
esp = aes256-sha1!
ike = aes256-sha1-modp1024!
fragmentation = yes
dpdaction = clear
dpdtimeout = 600
dpddelay = 60

Wolfheri · September 23, 2025, 12:41pm

Hello,

Yast is dead ; the future is cockpit.

strongSwan describe itself as an “Open-source, modular and portable IPsec-based VPN solution”

Cockpit network support this type of VPN :

Good afternoon

hui · September 23, 2025, 12:48pm

networkmanger in openSUSE provides full strongswan support. Installing the relevant strongswan networkmanger packages and applets should suffice to be able to configure them succesfully.

There is also documentation available
https://docs.strongswan.org/docs/latest/features/networkManager.html#_configuration

tommyrich · September 25, 2025, 7:13am

I had a look at cockpit, still very underdeveloped compared to webmin. The module is for Nethserver which is developed from Red Hat / Fedora, the source code is not compatible with OpenSuse development tools.
I am using wicked as the network manager.
I was really hoping it was going to be cut and dry. To get help for the connection to work for Windows and Cellphone connection.

deano_ferrari · September 25, 2025, 8:30am

Are you open to switching to NetworkManager? It can be configured to support system-wide connections.

tommyrich · September 26, 2025, 12:48pm

I’m using strongswan as a server side, not client side connection.

system · November 3, 2025, 1:28pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.