Your browser is unsupported and squishy.

Captains log; This site was designed for the future of science! If you can't update your browser, this site just won't function or look right. However, feel free to browse it anyway. Where's Kif?

How to save VPN passwords with NetworkManger

5 Comments

I was having a lot of trouble with NetworkManager not saving my VPN group and user passwords. I'm guessing this is a bug and I did see some references to launchpad bugs while doing my googling to find a solution. However, it took me a while to figure it out. It requires a little editing of the system-connection files.

If you look in /etc/NetworkManager/system-connections/, you will see your connection files. Open one of them and change a few of the settings. The two settings I had to change/add were:

[vpn]
ipSec-secret-type=save    # This wasn't in the file
IPSec secret-flags=0      # This was set to 1 originally
xauth-password-type=save 
XAuth password-flags=0   

# This entire section didn't exist, I had to add it
[vpn-secrets]
XAuth password=some-password
IPSec secret=some-group-password

There are other things in the file, but I didn't have to change those. It's very Odd that nm-applet can't seem to figure this out. Quite a bug. Anyway, here is my entire file for reference:

[connection]
id=CiscoVPN
uuid=5513f555-ec88-4444-9818-6bee77785kska
type=vpn
autoconnect=false
timestamp=1331220616

[vpn]
service-type=org.freedesktop.NetworkManager.vpnc
NAT Traversal Mode=natt
ipsec-secret-type=save
IPSec secret-flags=0
xauth-password-type=save
IPSec ID=GroupId
IPSec gateway=10.0.0.1
Xauth password-flags=0
Xauth username=myname
IKE DH Group=dh2

[vpn-secrets]
Xauth password=mypassword
IPSec secret=mygrouppassword

[ipv4]
method=auto

Comments

I assumed it didn't save the password because it's attempting to be secure ;)

Posted by joshtronic, on

Passwords are supposed to be saved in the system keyring. This doesn't always work, and what brought me to this blog entry :-)

Posted by Matthew, on

Thanks, this helped me a lot - as our universities group password is not a secret, it's just fine to save it that way :)

Posted by Solfallsild, on

Thanks, this helped me a lot - as our universities group password is not a secret, it's just fine to save it that way :)

Posted by Solfallsild, on

Oh, thank you, thank, you thank you.. this was driving me nuts. I don't want to use gnome-keyring to store passwords for vpn, since that means I can't start up the vpn automatically on boot.

Posted by Sandra, on

Post a comment

The fields highlighted in red are required.
  • Markdown allowed in message.