Comment # 1
on bug 1176735
from Juan Erbes
In my case Strongswan worked from some time, but for for about 5 months
strongswan don't hiddens my IP, and the monitor window of Yast VPN don't shows
nothing.
If I do: netstat -anp | more
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
PID/Program name
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
924/cupsd
tcp 0 0 0.0.0.0:3551 0.0.0.0:* LISTEN
925/apcupsd
tcp 0 0 192.168.1.5:46606 52.33.45.66:443 TIME_WAIT
-
tcp 0 0 127.0.0.1:43346 127.0.0.1:3551 TIME_WAIT
-
tcp 0 0 127.0.0.1:43316 127.0.0.1:3551 TIME_WAIT
-
tcp 0 0 127.0.0.1:43320 127.0.0.1:3551 TIME_WAIT
-
tcp 0 0 127.0.0.1:43330 127.0.0.1:3551 TIME_WAIT
-
tcp 0 0 127.0.0.1:43340 127.0.0.1:3551 TIME_WAIT
-
tcp 0 0 127.0.0.1:43326 127.0.0.1:3551 TIME_WAIT
-
tcp 0 0 127.0.0.1:43314 127.0.0.1:3551 TIME_WAIT
-
tcp 0 0 192.168.1.5:51212 172.217.162.10:443 TIME_WAIT
-
tcp 0 0 192.168.1.5:41062 172.217.172.110:443 ESTABLISHED
2553/firefox
tcp 0 0 127.0.0.1:43336 127.0.0.1:3551 TIME_WAIT
-
tcp 0 0 192.168.1.5:51214 172.217.162.10:443 TIME_WAIT
-
tcp 0 0 192.168.1.5:47574 172.217.172.35:443 ESTABLISHED
2553/firefox
tcp 0 0 192.168.1.5:51216 172.217.162.10:443 ESTABLISHED
2553/firefox
tcp 0 0 127.0.0.1:43348 127.0.0.1:3551 TIME_WAIT
-
tcp 0 0 127.0.0.1:43338 127.0.0.1:3551 TIME_WAIT
-
tcp 1 0 192.168.1.5:36730 13.227.69.22:443 CLOSE_WAIT
2895/plasma-browser
tcp 0 0 192.168.1.5:51442 190.225.183.177:443 TIME_WAIT
-
tcp 0 0 127.0.0.1:43344 127.0.0.1:3551 TIME_WAIT
-
tcp 0 0 127.0.0.1:43322 127.0.0.1:3551 TIME_WAIT
-
tcp 0 0 127.0.0.1:43334 127.0.0.1:3551 TIME_WAIT
-
tcp 0 0 127.0.0.1:43324 127.0.0.1:3551 TIME_WAIT
-
tcp 0 0 192.168.1.5:51446 190.225.183.177:443 TIME_WAIT
-
tcp 0 0 127.0.0.1:43342 127.0.0.1:3551 TIME_WAIT
-
tcp 0 0 127.0.0.1:43328 127.0.0.1:3551 TIME_WAIT
-
tcp 0 0 192.168.1.5:59762 64.233.186.189:443 ESTABLISHED
2553/firefox
tcp 0 0 192.168.1.5:36388 64.233.186.19:443 ESTABLISHED
2553/firefox
tcp 0 0 192.168.1.5:54138 44.235.189.138:443 ESTABLISHED
2553/firefox
tcp6 0 0 :::1716 :::* LISTEN
1887/kdeconnectd
udp 0 0 0.0.0.0:68 0.0.0.0:*
1237/charon-systemd
udp 0 0 0.0.0.0:68 0.0.0.0:*
1102/dhclient
udp 0 0 127.0.0.1:323 0.0.0.0:*
937/chronyd
udp 0 0 0.0.0.0:500 0.0.0.0:*
1237/charon-systemd
udp 0 0 224.0.0.56:9875 0.0.0.0:*
1912/pulseaudio
udp 0 0 192.168.1.5:34457 224.0.0.56:9875 ESTABLISHED
1912/pulseaudio
udp 0 0 192.168.1.5:59053 224.0.0.56:46286 ESTABLISHED
1912/pulseaudio
udp 0 0 0.0.0.0:4500 0.0.0.0:*
1237/charon-systemd
udp 0 0 0.0.0.0:45488 0.0.0.0:*
668/avahi-daemon: r
udp 0 0 0.0.0.0:5353 0.0.0.0:*
668/avahi-daemon: r
udp6 0 0 :::38672 :::*
668/avahi-daemon: r
udp6 0 0 ::1:323 :::*
937/chronyd
Strongswan works, but not in the right way, because it translates the internal
addresses to other port, like the external connections, but it continues to
show the IP address of my ISP.
But the real problem for me, is that YAST does not provide the correct
configuration interface for an external VPN server, where I can set the user
and password for that external VPN server.
The other configuration option for Yast is with a certificate, but it asks me
for the key for that certificate, when in fact the service provider does not
provide me with any key for their certificate.
Here are some example of configurations for other distros and with a provider
example:
https://www.personalvpn.com/support/linux/ikev2
https://www.personalvpn.com/support/linux/ipsec