NetworkManager VPN plugins

NetworkManager supports VPN connections for all popular VPN connections via plugins. The VPN plugin consists of the editor dialog and a D-Bus service that manages the actual VPN connection.

VPN Plugins maintained in GNOME

This is a list of VPN plugins that are maintained as GNOME projects:

NetworkManager-fortisslvpn (releases)

Fortinet SSLVPN compatible

NetworkManager-libreswan (releases)

IPsec IKEv1 VPN, Cisco compatible

NetworkManager-pptp (releases)

PPTP, Microsoft compatible

NetworkManager-openconnect (releases)

Cisco AnyConnect, Juniper, Pulse/Ivanti Secure, F5 BIG-IP, Fortinet SSLVPN, Array Networks SSL VPN, PAN GlobalProtect

NetworkManager-openvpn (releases)

OpenVPN

NetworkManager-vpnc (releases)

IPsec VPN, Cisco compatible

NetworkManager developers currently focus on maintaining a core set of VPN plugins, including NetworkManager-libreswan and NetworkManager-openvpn, which are critical for a broad range of users. We encourage the community and other developers interested in the diverse ecosystem of VPN technologies to contribute to the maintenance and development of the other plugins.

Natively supported by NetworkManager

WireGuard

NetworkManager 1.16.0+ supports WireGuard natively and not as VPN plugin

VPN Plugins maintained by third parties

There's also a couple of plugins which are not maintained by NetworkManager developers; but seem to work well for some people anyway. Visit their web sites to check them out:

NetworkManager-anyconnect

Plugin using the propritary Cisco AnyConnect VPN client

NetworkManager-iodine

Tunnel IP traffic via DNS using Iodine

NetworkManager-l2tp

L2TP compatible VPN plugin

NetworkManager-ssh

Connect using OpenSSH's Tunnel capability

NetworkManager-sstp

SSTP compatible VPN plugin

NetworkManager-strongswan

IKEv2 enables IPsec plugin with support for EAP, PSK and certificate authentication

NetworkManager-wireguard

WireGuard VPN plugin (Note that NetworkManager 1.16.0+ supports WireGuard natively)

Plugin compatibility note

NetworkManager maintains backward compatibility with older plugin versions. That means that the plugin version 0.9.10.0 will work with later NetworkManager versions, such as 1.2.

There's one exception to this: the editor plugins were ported to new libnm library in NetworkManager 1.2. The older version of the library can not coexist in a single process. Thus, the newer libnm-based nm-connection-editor will not be able to edit the VPN connections unless you also upgrade the VPN plugin.

For VPN plugins, the major-minor version indicates the minimal required NetworkManager version. It is therefore expected and correct that for certain NetworkManager versions there exists no matching VPN plugin version. For example, for NetworkManager-pptp might not exist a 1.4.0 version because the latest 1.2.x version is suitable and up-to-date to run against NetworkManager 1.4.0.

VPN Feature Wishlist

NetworkManager's VPN support is missing a few features which are required by VPN users and their corporate IT departments, sometimes forcing users to remain with proprietary third-party VPN client, or just to avoid NetworkManager and use tools like OpenVPN or OpenConnect from the command line instead. For an up-to-date and detailed list of requested VPN features and enhancements, please visit the VPN feature wishlist in the issue tracker.

Projects/NetworkManager/VPN (last edited 2024-02-16 15:42:33 by StanislasFaye)