On Thu, Nov 8, 2018 at 8:04 PM Rick Stevens <ricks@xxxxxxxxxxxxxx> wrote: > > > > I am trying to configure a VPN-L2TP network via NetworkManager. To > > accomplish that, I need to have the option > > > > "Link-Local Only" > > > > on the IPv6 settings, but unfortunately such an option is not > > available. Any ideas? > > You could (as root): > > 1. Run "nmcli connections show" and find the UUID of the VPN > connection you want to bugger. > > 2. Run "nmcli connection edit <UUID>" to edit the connection. > > 3. Enter "set ipv6.method link-local" at the "nmcli>" prompt to > change it to link-local. > > 4. Type "save" at the "nmcli>" prompt to save the updated > connection. > > 5. Type "quit" at the "nmcli>" prompt to exit the editor. > > That oughta do it. And no, the GUI doesn't offer this setting that I can > find. Both IPV4 and IPV6 default to "method: auto". Thanks, Rick, for your precious help. It worked! However, when I try to establish the VPN, I get the problems below. I guess that is related to Selinux. What do you think? Paul ----------------- Nov 08 20:26:38 xhost NetworkManager[8715]: <info> [1541708798.0692] audit: op="connection-activate" uuid="8235f185-3bc9-434e-b6de-4e2bbd42d18d" name="VPN connection 1" pid=12579 uid=1000 > Nov 08 20:26:38 xhost NetworkManager[8715]: <info> [1541708798.0772] vpn-connection[0x556296d9a570,8235f185-3bc9-434e-b6de-4e2bbd42d18d,"VPN connection 1",0]: Started the VPN service, PID > Nov 08 20:26:38 xhost NetworkManager[8715]: <info> [1541708798.0890] vpn-connection[0x556296d9a570,8235f185-3bc9-434e-b6de-4e2bbd42d18d,"VPN connection 1",0]: Saw the service appear; activ> Nov 08 20:26:38 xhost NetworkManager[8715]: <info> [1541708798.2128] vpn-connection[0x556296d9a570,8235f185-3bc9-434e-b6de-4e2bbd42d18d,"VPN connection 1",0]: VPN connection: (ConnectInter> Nov 08 20:26:38 xhost nm-l2tp-service[12623]: Check port 1701 Nov 08 20:26:38 xhost NetworkManager[8715]: Stopping strongSwan IPsec failed: starter is not running Nov 08 20:26:40 xhost NetworkManager[8715]: Starting strongSwan 5.7.1 IPsec [starter]... Nov 08 20:26:40 xhost NetworkManager[8715]: charon is already running (/var/run/charon.pid exists) -- skipping daemon start Nov 08 20:26:40 xhost NetworkManager[8715]: Loading config setup Nov 08 20:26:40 xhost NetworkManager[8715]: Loading conn '8235f185-3bc9-434e-b6de-4e2bbd42d18d' Nov 08 20:26:40 xhost ipsec_starter[12644]: Starting strongSwan 5.7.1 IPsec [starter]... Nov 08 20:26:40 xhost ipsec_starter[12644]: charon is already running (/var/run/charon.pid exists) -- skipping daemon start Nov 08 20:26:40 xhost ipsec_starter[12644]: Loading config setup Nov 08 20:26:40 xhost ipsec_starter[12644]: Loading conn '8235f185-3bc9-434e-b6de-4e2bbd42d18d' Nov 08 20:26:40 xhost NetworkManager[8715]: found netkey IPsec stack Nov 08 20:26:40 xhost ipsec_starter[12644]: found netkey IPsec stack Nov 08 20:26:40 xhost charon[4192]: 13[CFG] rereading secrets Nov 08 20:26:40 xhost charon[4192]: 13[CFG] loading secrets from '/etc/strongswan/ipsec.secrets' Nov 08 20:26:40 xhost charon[4192]: 13[CFG] loading secrets from '/etc/strongswan/ipsec.d/nm-l2tp-ipsec-8235f185-3bc9-434e-b6de-4e2bbd42d18d.secrets' Nov 08 20:26:40 xhost charon[4192]: 13[CFG] loaded IKE secret for %any Nov 08 20:26:40 xhost charon[4192]: 13[CFG] loading secrets from '/etc/strongswan/ipsec.d/nm-l2tp-ipsec-c79095eb-1ad5-43ea-859a-8d9a71c2ddd3.secrets' Nov 08 20:26:40 xhost charon[4192]: 13[CFG] loaded IKE secret for %any Nov 08 20:26:40 xhost charon[4192]: 01[CFG] received stroke: initiate '8235f185-3bc9-434e-b6de-4e2bbd42d18d' Nov 08 20:26:40 xhost charon[4192]: 01[CFG] no config named '8235f185-3bc9-434e-b6de-4e2bbd42d18d' Nov 08 20:26:40 xhost NetworkManager[8715]: no config named '8235f185-3bc9-434e-b6de-4e2bbd42d18d' Nov 08 20:26:40 xhost audit[12672]: AVC avc: denied { write } for pid=12672 comm="stroke" path="pipe:[168313]" dev="pipefs" ino=168313 scontext=system_u:system_r:ipsec_t:s0 tcontext=syst> Nov 08 20:26:40 xhost NetworkManager[8715]: Stopping strongSwan IPsec... Nov 08 20:26:40 xhost audit[12674]: AVC avc: denied { signal } for pid=12674 comm="strongswan" scontext=system_u:system_r:ipsec_mgmt_t:s0 tcontext=system_u:system_r:ipsec_t:s0 tclass=pro> Nov 08 20:26:48 xhost charon[4192]: 10[IKE] sending keep alive to 122.111.25.141[4500] Nov 08 20:26:51 xhost audit[12674]: AVC avc: denied { sigkill } for pid=12674 comm="strongswan" scontext=system_u:system_r:ipsec_mgmt_t:s0 tcontext=system_u:system_r:ipsec_t:s0 tclass=pr> Nov 08 20:26:51 xhost nm-l2tp-service[12623]: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed Nov 08 20:26:51 xhost NetworkManager[8715]: <info> [1541708811.8303] vpn-connection[0x556296d9a570,8235f185-3bc9-434e-b6de-4e2bbd42d18d,"VPN connection 1",0]: VPN plugin: state changed: st> Nov 08 20:26:51 xhost NetworkManager[8715]: <info> [1541708811.8336] vpn-connection[0x556296d9a570,8235f185-3bc9-434e-b6de-4e2bbd42d18d,"VPN connection 1",0]: VPN service disappeared Nov 08 20:26:51 xhost NetworkManager[8715]: <warn> [1541708811.8348] vpn-connection[0x556296d9a570,8235f185-3bc9-434e-b6de-4e2bbd42d18d,"VPN connection 1",0]: VPN connection: failed to con> Nov 08 20:27:08 xhost charon[4192]: 07[IKE] sending keep alive to 122.111.25.141[4500] _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx