I use Fedora from long time ago and upgrade it to release when new release is coming.
I have L2TP VPN for connect to my office, everything was fine until I upgrade it to Fedora 42
Right now I can not connect to office
I see
I am also experiencing this issue. Tried reinstalling the packages and creating a new VPN connection with the same username and password but the error is still present.
IKEv1 is deprecated and disabled by default with Libreswan >= 5.0. Basically the Libreswan developers want to encourage users to move from L2TP/IPsec which in many cases is using weak or broken algorithms to the more secure IKEv2.
You can re-enable IKEv1 by uncommenting the #ikev1-policy=accept line in /etc/ipsec.conf, e.g:
sudo sed -i -e 's/#ikev1-policy=accept/ikev1-policy=accept/' /etc/ipsec.conf
I would also recommend commenting the blacklisting of the L2TP kernel modules, e.g.:
sudo sed -e '/blacklist l2tp_netlink/s/^b/#b/g' -i /etc/modprobe.d/l2tp_netlink-blacklist.conf
sudo sed -e '/blacklist l2tp_ppp/s/^b/#b/g' -i /etc/modprobe.d/l2tp_ppp-blacklist.conf
See the NetworkManager-l2tp README.md file for more details.
For debugging I recommend the following: sudo journalctl --no-hostname _COMM=nm-l2tp-service _COMM=ipsec _COMM=pluto _COMM=charon _COMM=kl2tpd _COMM=xl2tpd _COMM=pppd
@dkosovic Thank you for you help. It solved the problem.
The thing is, it’s not my choice that the company uses IPSec/L2TP, and since I am probably the only one using Fedora (if not Linux in general), I don’t think they will change it to something else in the near future. I am glad there is a workaround, though, and I hope it will remain an option.