L2TP/IPSEC PSK unable to connect - lineageos-15.1-20190214-nightly-chiron
Expected Behavior
L2TP/IPSEC PSK VPNs can connect, giving a usable VPN connection, just like my old android-5.1/cyanogen phone.
Current Behavior
It always fails to connect, even when other devices (incl. an android-5.1/cyanogen phone and several desktop clients) succeed with identical settings.
Possible Solution
https://issuetracker.google.com/issues/37074640 might be relevant - apparently some kernel option was changed in android 6 that broke HMAC-SHA256 and it still isn't fixed in most android-8.1 kernels.
Comments 340 and 352 in that thread suggest some server-side workarounds to avoid the use of SHA256, but since my VPN comes from a provider I can't go changing their server-side settings.
Google says (in comment 354) they have issued a fix for Pixel and other Google phones, but other vendors must update their own kernels.
I haven't confirmed that this is the specific issue at hand, but it's the closest suspect I could find with a few hours of googling.
Steps to Reproduce
- Create or sign up for a VPN that supports L2TP/IPSEC PSK (eg Private Internet Access)
- Enter relevant details into settings -> Network & Internet -> VPN
- Attempt to use VPN.
- Note that devices running android-5.1 and desktop clients can connect successfully, but this build of LOS cannot (and according to the bug linked above, almost nothing since android-6 can)
/device chiron /version lineage-15.1 /date 2019-02-14 /kernel 4.4.78-perf+ (gcc version 4.9.x 20150123 (prerelease) (GCC) ) gitlab-runner@lineage-runner #1 Thu Feb 14 06:37:53 UTC 2019 /baseband AT20-0413_2142_d796ed9 /mods open-gapps pico, Magisk
I have read the directions.