Connect Using IKEv2 on Linux
Last updated 15 Mar 2026 · 6 views
Linux supports IKEv2 through the strongSwan package and NetworkManager plugin.
Install
Ubuntu / Debian:
sudo apt install strongswan libcharon-extra-plugins libstrongswan-extra-plugins
For NetworkManager GUI integration:
sudo apt install network-manager-strongswan
Fedora / RHEL:
sudo dnf install strongswan strongswan-charon-nm NetworkManager-strongswan-gnome
Arch Linux:
sudo pacman -S strongswan networkmanager-strongswan
Connect via NetworkManager (GUI)
- Go to Settings → Network → VPN → +.
- Select "IPsec/IKEv2 (strongswan)".
- Configure:
- Name: PremierVPN UK
- Gateway:
uk.premiervpn.net - Certificate: Select "None" or your system CA bundle
- Authentication: EAP
- Username: Your VPN username
- Password: Your VPN password
- Check "Request an inner IP address"
- Click "Add".
- Toggle the VPN on from the network menu.
Connect via Command Line
Create a configuration file at /etc/ipsec.conf:
conn premiervpn
keyexchange=ikev2
ike=aes256-sha256-modp2048
esp=aes256-sha256
dpdaction=restart
dpddelay=30s
dpdtimeout=120s
left=%defaultroute
leftsourceip=%config
leftauth=eap-mschapv2
leftid=YOUR_VPN_USERNAME
right=uk.premiervpn.net
rightid=uk.premiervpn.net
rightsubnet=0.0.0.0/0
rightauth=pubkey
eap_identity=YOUR_VPN_USERNAME
auto=start
Add your credentials to /etc/ipsec.secrets:
YOUR_VPN_USERNAME : EAP "YOUR_VPN_PASSWORD"
Set permissions and start:
sudo chmod 600 /etc/ipsec.secrets
sudo ipsec restart
sudo ipsec up premiervpn
Disconnect
sudo ipsec down premiervpn
Available Servers
Replace uk.premiervpn.net in both the configuration and rightid with:
| Location | Hostname |
|---|---|
| United Kingdom | uk.premiervpn.net |
| Germany | de.premiervpn.net |
| Spain | sp.premiervpn.net |
| France | fr.premiervpn.net |
| Netherlands | nl.premiervpn.net |
| Sweden | sw.premiervpn.net |
| United States (Kansas) | ks.premiervpn.net |
| United States (New York) | ny.premiervpn.net |
| United States (Los Angeles) | la.premiervpn.net |
| Canada | ca.premiervpn.net |
| Australia | au.premiervpn.net |
| Japan | jp.premiervpn.net |
| Singapore | sg.premiervpn.net |
FAQs
I get "no proposal chosen" or "authentication failed".
Ensure your ike= and esp= lines match the server configuration. The settings above work with PremierVPN's StrongSwan servers.
Do I need to install the Let's Encrypt CA certificate?
No. Modern Linux distributions include the Let's Encrypt root certificate in their system trust store. If you have issues, update your CA certificates: sudo apt update && sudo apt install ca-certificates.