Skip to content

Instantly share code, notes, and snippets.

@pastleo

pastleo/nm_l2tp_ipsec_vpn.md

Last active June 3, 2026 01:32
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save pastleo/aa3a9524664864c505d637b771d079c9 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save pastleo/aa3a9524664864c505d637b771d079c9 to your computer and use it in GitHub Desktop.
Download ZIP
setup L2TP IPSEC VPN in archlinux using NetworkManager
Raw
nm_l2tp_ipsec_vpn.md

setup L2TP IPsec VPN in archlinux using NetworkManager

install packages first:

yay -S xl2tpd strongswan networkmanager-l2tp

ref: https://wiki.archlinux.org/index.php/Openswan_L2TP/IPsec_VPN_client_setup yay: https://github.com/Jguer/yay

then reboot or systemctl restart NetworkManager

using commandline only

nmcli c add con-name CON_NAME type vpn vpn-type l2tp vpn.data 'gateway=GATEWAY_HOST, ipsec-enabled=yes, ipsec-psk=PRE_SHARED_KEY, password-flags=2, user=USERNAME'
nmcli c edit CON_NAME # interactive mode, type help for manual
nmcli c up CON_NAME
nmcli c down CON_NAME
nmcli c delete CON_NAME
  • password-flags=0 => Save password in plain text
  • password-flags=1 => Save encrypted password
  • password-flags=2 => Don't save password, ask when needed
    • when using this, nmcli c up CON_NAME --ask is needed

via GNOME/KDE Plasma GUI

GNOME

add vpn in gnome

options of l2tp ipsec

KDE PLASMA

add_vpn_in_kde

options_of_kde_l2tp_ipsec

  • Gateway is the ip of the vpn server
  • User name is the given user
  • Password can be left blank to enter when connecting
  • click IPsec Settings... button
    • Check Enable IPsec tunnel to L2TP host
    • paste PSK to Pre-shared key
    • IMPORTANT Uncheck Enable IPsec tunnel to L2TP host before click OK button, I think this is a bug
  • click Add button and enable
@daniel1n

daniel1n commented Sep 9, 2020

Copy link
Copy Markdown

I'm trying to connect to a “L2PT/IPSEC with preshared key” type VPN. ... Protocol (L2TP) which is the one that gives me the missing plugin error.

@ale10257

ale10257 commented Feb 11, 2021
edited
Loading

Copy link
Copy Markdown

nnetworkmanager-l2tp not in aur repositopy. It'is community repository https://archlinux.org/packages/community/x86_64/networkmanager-l2tp/
The command to install the plugin should be like thissudo pacman -S networkmanager-l2tp
It's work

@paklie

paklie commented Jan 27, 2022

Copy link
Copy Markdown

in my kde plasma, ipsec settings button is disabled. what package do i miss?

@Sepero

Sepero commented Dec 12, 2022

Copy link
Copy Markdown

Most simple and concise instructions I've found anywhere. Finding info on headless Linux vpn connection l2tp ipsec is near impossible. But one question, If using nmcli, then do we need the xl2tpd package?

(The "x" seems to imply it's for x11 xorg)

@profiluefter

profiluefter commented Apr 8, 2023

Copy link
Copy Markdown

(The "x" seems to imply it's for x11 xorg)

There's no relation between Xorg and xl2tpd. It's also used in embedded devices like OpenWRT router which do not run X11 (and xl2tpd does not have a GUI)

@siuoly

siuoly commented Nov 9, 2023

Copy link
Copy Markdown

Thanks ! I search several tutorial ,even the arch wiki, and only here is the solution.

@rucomcode

rucomcode commented Jul 22, 2025

Copy link
Copy Markdown

📡 Настройка L2TP/IPsec VPN в Manjaro (GNOME)

✅ Установить необходимые пакеты:

yay -S \
  networkmanager-l2tp \
  networkmanager-l2tp-gnome \
  libnma

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment