我通读了文档这里和这里。我的目标是仅配置 ip-sec VPN 连接nmcli。我运行 Ubuntu 20.04 Server,没有 X Server。我已经在另一台机器上有一个连接文件,所以我拥有所需的所有信息:
[connection]
id=myVPN
uuid=blabla-blabla-blabla
type=vpn
autoconnect=false
permissions=user:mark:;
[vpn]
IKE DH Group=dh2
IPSec ID=myID
IPSec gateway=myGateway
IPSec secret-flags=1
Local Port=0
NAT Traversal Mode=natt
Perfect Forward Secrecy=server
Vendor=cisco
Xauth password-flags=1
Xauth username=myUser
ipsec-secret-type=save
xauth-password-type=save
service-type=org.freedesktop.NetworkManager.vpnc
[ipv4]
dns-search=
method=auto
[ipv6]
addr-gen-mode=stable-privacy
dns-search=
method=auto
[proxy]
这是我的第一次尝试:
sudo nmcli connection add connection.id myVPN connection.type vpn connection.autoconnect false connection.permissions mark vpn.data {"IKE DH Group"="dh2" "IPSec ID"="myID" "IPSec gateway"="myGateway" "IPSec secret-flags"="1" "Local Port"="0" "NAT Traversal Mode"="natt" "Perfect Forward Secrecy"="server" "Vendor"="cisco" "Xauth password-flags"="1" "Xauth username"="myUser" "ipsec-secret-type"="save" "xauth-password-type"="save" } vpn.service-type=org.freedesktop.NetworkManager.vpnc
它失败并出现以下错误:
错误:<设置>.<属性> 'IPSec ID=myID' 无效
我理解它需要的是.而不是=分配键/值对。这是我的第二次尝试:
错误:无法修改 vpn.data:“{IKE DH Group.dh2”无效;使用=
现在它说相反的:它想要 `= 符号。设置这些键/值对的正确语法是什么?
答案1
如果您有配置,为什么不直接导入它呢?使用nmcli connection import命令。来自nmcli您的第一个链接的文档
import [--temporary] [type type] [file file]
Import an external/foreign configuration as a NetworkManager connection profile. The type of the input file is specified by type option.
Only VPN configurations are supported at the moment. The configuration is imported by NetworkManager VPN plugins. type values are the same as for vpn-type option in nmcli connection add. VPN configurations are imported by VPN plugins. Therefore the proper VPN plugin has to be installed so that nmcli could import the data.
The imported connection profile will be saved as persistent unless --temporary option is specified, in which case the new profile won't exist after NetworkManager restart.