charon-nm never terminated

Bug #1451683 reported by Maxxer
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone
network-manager-strongswan (Fedora) | New | Undecided | Unassigned |
network-manager-strongswan (Ubuntu) | Confirmed | Undecided | Unassigned |

Bug Description

I'm trying to connect to my pfSense's strongSwan server. Sadly the connection fails, but the problem is that NM's underlying process, charon-nm, is never terminated and keeps going until killed.

ProblemType: Bug
DistroRelease: Ubuntu 15.04
Package: network-manager-strongswan 1.3.0-2
ProcVersionSignature: Ubuntu 3.19.0-16.16-generic 3.19.3
Uname: Linux 3.19.0-16-generic x86_64
ApportVersion: 2.17.2-0ubuntu1
Architecture: amd64
CurrentDesktop: Unity
Date: Tue May 5 08:43:23 2015
InstallationDate: Installed on 2015-04-04 (30 days ago)
InstallationMedia: Ubuntu 15.04 "Vivid Vervet" - Beta amd64 (20150326)
SourcePackage: network-manager-strongswan
UpgradeStatus: No upgrade log present (probably fresh install)

Maxxer (lorenzo-milesi) wrote :
Tobias Brunner (tobias-strongswan) wrote :

Your connection fails because you haven't checked the "Request an inner IP address" checkbox but configured an IP address pool in `rightsourceip` on the server (which is required if your client is behind a NAT). So change your connection settings so a virtual IP is requested from the server.

Regarding charon-nm not terminating, that's due to a change in NM 0.9.10 [1]. In older releases a SIGTERM was sent to the process; now it's up to the service to hook the "quit" signal sent by NM and terminate itself if needed.

However, I'm not sure if it's actually a problem. charon-nm has not changed the routing or installed any IPsec SAs yet (due to the error) so it should be possible to just start the connection again with the same instance of charon-nm still running (after fixing the config, of course). And if the connection is terminated properly, reusing the same instance should also be OK. I haven't tested this though, so it's possible that charon-nm doesn't handle this correctly (terminating the process via "quit" signal would be quite simple to implement though).

Just so you know, strongSwan's NM plugin is pretty out-of-date and not fully compatible with current NM releases.

[1] http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/src/vpn-manager/nm-vpn-service.c?id=4b57f6920e9a4dda7dcabaa46e0c6b693c9af83c

Maxxer (lorenzo-milesi) wrote :

Thanks for the clarification; indeed, checking the checkbox established the connection.

About the process, my concern was that since the connection is not established, there's a pending process around. If the user doesn't fix the connection, what will happen to it?

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in network-manager-strongswan (Ubuntu):
status: New → Confirmed