Hi all,
been using EndeavourOS on my old Lenovo T520 and had a VPN configured to my home’s router (AVM Fritz!Box 6660 Cable) using IPSec and set up as cisco compatible VPN (vpnc).
Back then I failed to get it running for days and eventually hired someone who clicked around just as cluelessly as me until it eventually worked (all the parameters like gateway, user- & group name / password were correct). Two years later, here I’m again with a Lenovo T580 and Intel AX210 card. I’ve run the Laptop’s hardware diagnostics and updated firmware first.
The last days, I’ve gone through the same hell once more, this time however assisted by ChatGPT.
I’ve tried to import used networks from my old laptop via a script using nmcli, generated out of the existing connections. That has worked in that sense, that all the connections showed up in the NetworkManager GUI with correct parameters, but connections often failed. I’ve just done another vanilla online install and added
networkmanager-vpnc
kwalletmanager
I often get a prompt for my home WiFi password when trying to connect. I can then verify the password still being present in kdewallet and NetworkManager’s GUI. Maybe some agent doesn’t communicate and feeds that password into the connection process?
sudo systemctl restart NetworkManager fixes it sometimes. Other times, it tries to connect for 1-2 minutes, aborts, retries and immediately connects.
My new T580 could connect to the VPN when connected to the home wifi, but when connected via my phone’s hotspot (using mobile data), it failed.
I’ve set up a new VPN user / connection in my router and set that vpn up on my old laptop via GUI. That worked out of the box as expected.
Neither laptop has any non-stock firewall, dhcp, dns or other network settings whatsoever.
Somewhere between the account creation on this forum and this moment, the VPN now also works via hotspot and is verified via public ip.
Sorry for this mess of a post. There’s still something messy going on with the Wifi passwords.
@Herbivore welcome to the forum!
Some questions and hints:
Why don’t you use wireguard with your FB 6660? It is much more safe and the performance on the FB is better than IPsec.
The howto at AVM is this:
https://avm.de/service/wissensdatenbank/dok/FRITZ-Box-6660-Cable/3685_WireGuard-VPN-zur-FRITZ-Box-am-Computer-einrichten/
To use wireguard with your laptops you need to create two different VPN connections as described in the howto in item 3.
Wireguard in Arch Linux / EndeavourOS is set up easily using following howto:
https://wiki.archlinux.org/title/WireGuard
The connection for NetworkManager is set up by nmcli, see here:
https://wiki.archlinux.org/title/WireGuard#NetworkManager
Hope it helps!