diff --git a/.gitignore b/.gitignore
index 4f91033..a120e39 100644
--- a/.gitignore
+++ b/.gitignore
@@ -24,3 +24,4 @@ NetworkManager-openswan-0.8.tar.gz
 /NetworkManager-libreswan-1.2.22.tar.xz
 /NetworkManager-libreswan-1.2.24.tar.xz
 /NetworkManager-libreswan-1.2.26.tar.xz
+/NetworkManager-libreswan-1.2.27.tar.xz
diff --git a/0001-Add-nm-auto-defaults-option.patch b/0001-Add-nm-auto-defaults-option.patch
deleted file mode 100644
index a37ce49..0000000
--- a/0001-Add-nm-auto-defaults-option.patch
+++ /dev/null
@@ -1,165 +0,0 @@
-From 3ea80883fefc620d1ee60e594b3735fb7be92801 Mon Sep 17 00:00:00 2001
-From: Gris Ge
-Date: Mon, 23 Sep 2024 20:07:13 +0800
-Subject: [PATCH] Add `nm-auto-defaults` option
-
-The NetworkManager-libreswan add additional values when user undefined
-which is causing incapability `ipsec.conf` and NM-libreswan config.
-
-Instead of breaking existing users, this introduced `nm-auto-defaults`
-option and set default to yes preserving previous behaviour. For other
-user wish NM-libreswan do not add default values, explicit
-`nm-auto-defaults: no` is required in NetworkManager `vpn.data`.
-
-These are for advanced use cases, no GUI access required.
-
-[lkundrak@v3.sk: rebased this on top of reworked ipsec.conf configuration
-writer/serializer, added test cases, wrote docs.]
----
- man/nm-settings-libreswan.5.in | 11 +++++++++--
- shared/nm-service-defines.h | 1 +
- shared/test-utils.c | 34 ++++++++++++++++++++++++++++++++++
- shared/utils.c | 12 +++++++++++-
- 4 files changed, 55 insertions(+), 3 deletions(-)
-
-diff --git a/man/nm-settings-libreswan.5.in b/man/nm-settings-libreswan.5.in
-index c98fe77..6152590 100644
---- a/man/nm-settings-libreswan.5.in
-+++ b/man/nm-settings-libreswan.5.in
-@@ -19,9 +19,9 @@
- .\" with this manual; if not, write to the Free Software Foundation, Inc.,
- .\" 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- .\"
--.\" Copyright (C) 2018 Red Hat, Inc.
-+.\" Copyright (C) 2018,2025 Red Hat, Inc.
- .\"
--.TH NM-SETTINGS-LIBRESWAN "5" "9 July 2018"
-+.TH NM-SETTINGS-LIBRESWAN "5" "7 Apr 2025"
-
- .SH NAME
- nm\-setting\-libreswan \- NetworkManager Libreswan plugin supported options
-@@ -167,6 +167,13 @@ parameter of the same name.
- .I "pskinputmodes"
- where the 'pskvalue' can be retrieved. Used internally by the plugin. Allowed values are: 'unused', 'save', 'ask'.
- .TP
-+.I "nm-auto-defaults"
-+Allowed values are: 'yes' and 'no'.
-+This options indicates that the VPN plugin should not substitute default values for keys that are not
-+present in \fBvpn.data\fR or alter the values for the keys that are specified. Malformed values will be
-+rejected for security reasons, but other than that the user is responsible for ensuring the configuration
-+will work. This is mainly useful when connections are created with a management tool like \fBnmstatectl\fR(8).
-+.TP
- .I "xauthpasswordinputmodes"
- where the 'xauthpassword' can be retrieved. Used internally by the plugin. Allowed values are: 'unused', 'save', 'ask'.
- .TP
-diff --git a/shared/nm-service-defines.h b/shared/nm-service-defines.h
-index f29923f..736fa56 100644
---- a/shared/nm-service-defines.h
-+++ b/shared/nm-service-defines.h
-@@ -76,6 +76,7 @@
- #define NM_LIBRESWAN_KEY_HOSTADDRFAMILY "hostaddrfamily"
- #define NM_LIBRESWAN_KEY_CLIENTADDRFAMILY "clientaddrfamily"
- #define NM_LIBRESWAN_KEY_REQUIRE_ID_ON_CERTIFICATE "require-id-on-certificate"
-+#define NM_LIBRESWAN_KEY_NM_AUTO_DEFAULTS "nm-auto-defaults"
-
- #define NM_LIBRESWAN_IKEV2_NO "no"
- #define NM_LIBRESWAN_IKEV2_NEVER "never"
-diff --git a/shared/test-utils.c b/shared/test-utils.c
-index c7ad8dd..2dc4532 100644
---- a/shared/test-utils.c
-+++ b/shared/test-utils.c
-@@ -164,6 +164,23 @@ test_config_write (void)
- g_free (str);
- g_object_unref (s_vpn);
-
-+ s_vpn = NM_SETTING_VPN (nm_setting_vpn_new ());
-+ nm_setting_vpn_add_data_item (s_vpn, "ikev2", "insist");
-+ nm_setting_vpn_add_data_item (s_vpn, "leftrsasigkey", "hello");
-+ nm_setting_vpn_add_data_item (s_vpn, "rightrsasigkey", "world");
-+ nm_setting_vpn_add_data_item (s_vpn, "right", "11.12.13.14");
-+ nm_setting_vpn_add_data_item (s_vpn, "nm-auto-defaults", "false");
-+ str = nm_libreswan_get_ipsec_conf (4, s_vpn, "conn", NULL, FALSE, TRUE, &error);
-+ g_assert_no_error (error);
-+ g_assert_cmpstr (str, ==,
-+ "conn conn\n"
-+ " ikev2=insist\n"
-+ " right=11.12.13.14\n"
-+ " rightrsasigkey=\"world\"\n"
-+ " leftrsasigkey=\"hello\"\n");
-+ g_free (str);
-+ g_object_unref (s_vpn);
-+
- s_vpn = NM_SETTING_VPN (nm_setting_vpn_new ());
- str = nm_libreswan_get_ipsec_conf (4, s_vpn, "conn", NULL, FALSE, TRUE, &error);
- g_assert_error (error, NM_UTILS_ERROR, NM_UTILS_ERROR_INVALID_ARGUMENT);
-@@ -195,6 +212,23 @@ test_config_write (void)
- g_assert_null (str);
- g_clear_error (&error);
- g_object_unref (s_vpn);
-+
-+ s_vpn = NM_SETTING_VPN (nm_setting_vpn_new ());
-+ nm_setting_vpn_add_data_item (s_vpn, "nm-auto-defaults", "false");
-+ nm_setting_vpn_add_data_item (s_vpn, "rightcert", "\"cert\"");
-+ str = nm_libreswan_get_ipsec_conf (4, s_vpn, "conn", NULL, FALSE, TRUE, &error);
-+ g_assert_error (error, NM_UTILS_ERROR, NM_UTILS_ERROR_INVALID_ARGUMENT);
-+ g_assert_null (str);
-+ g_clear_error (&error);
-+ g_object_unref (s_vpn);
-+
-+ s_vpn = NM_SETTING_VPN (nm_setting_vpn_new ());
-+ nm_setting_vpn_add_data_item (s_vpn, "nm-auto-defaults", "false");
-+ str = nm_libreswan_get_ipsec_conf (4, s_vpn, "conn", NULL, FALSE, TRUE, &error);
-+ g_assert_error (error, NM_UTILS_ERROR, NM_UTILS_ERROR_INVALID_ARGUMENT);
-+ g_assert_null (str);
-+ g_clear_error (&error);
-+ g_object_unref (s_vpn);
- }
-
- static void
-diff --git a/shared/utils.c b/shared/utils.c
-index e6dec8a..9c33315 100644
---- a/shared/utils.c
-+++ b/shared/utils.c
-@@ -341,6 +341,7 @@ static const struct LibreswanParam params[] = {
- { NM_LIBRESWAN_KEY_XAUTH_PASSWORD_INPUT_MODES, add, PARAM_IGNORE },
- { NM_LIBRESWAN_KEY_PSK_VALUE "-flags", add, PARAM_IGNORE },
- { NM_LIBRESWAN_KEY_XAUTH_PASSWORD "-flags", add, PARAM_IGNORE },
-+ { NM_LIBRESWAN_KEY_NM_AUTO_DEFAULTS, add, PARAM_IGNORE },
-
- { NULL }
- };
-@@ -368,6 +369,7 @@ sanitize_setting_vpn (NMSettingVpn *s_vpn,
- GError **error)
- {
- gs_unref_object NMSettingVpn *sanitized = NULL;
-+ gboolean auto_defaults = TRUE;
- int handled_items = 0;
- const char *val;
- int i;
-@@ -380,6 +382,10 @@ sanitize_setting_vpn (NMSettingVpn *s_vpn,
- NM_SETTING_VPN_SERVICE_TYPE, NM_VPN_SERVICE_TYPE_LIBRESWAN,
- NULL);
-
-+ auto_defaults = _nm_utils_ascii_str_to_bool (
-+ nm_setting_vpn_get_data_item (s_vpn, NM_LIBRESWAN_KEY_NM_AUTO_DEFAULTS),
-+ TRUE);
-+
- for (i = 0; params[i].name != NULL; i++) {
- val = nm_setting_vpn_get_data_item (s_vpn, params[i].name);
- if (val != NULL) {
-@@ -393,7 +399,11 @@ sanitize_setting_vpn (NMSettingVpn *s_vpn,
- return NULL;
- }
-
-- params[i].add_sanitized (sanitized, params[i].name, val);
-+ if (auto_defaults) {
-+ params[i].add_sanitized (sanitized, params[i].name, val);
-+ } else {
-+ nm_setting_vpn_add_data_item (sanitized, params[i].name, val);
-+ }
-
- val = nm_setting_vpn_get_data_item (sanitized, params[i].name);
- if (val == NULL)
---
-GitLab
-
diff --git a/0002-Treat-leftmodecfgserver-differently-according-to-nm-.patch b/0002-Treat-leftmodecfgserver-differently-according-to-nm-.patch
deleted file mode 100644
index 2c30dc7..0000000
--- a/0002-Treat-leftmodecfgserver-differently-according-to-nm-.patch
+++ /dev/null
@@ -1,62 +0,0 @@
-From 9b4467bd226d5a6819b9bfa9fc337c64dc61c293 Mon Sep 17 00:00:00 2001
-From: Gris Ge
-Date: Fri, 25 Apr 2025 16:28:52 +0800
-Subject: [PATCH] Treat leftmodecfgserver differently according to
- nm-auto-defaults
-
-When `nm-auto-defaults: no` defined, the default value of
-`leftmodecfgserver` should be `no`.
-
-Signed-off-by: Gris Ge
----
- src/nm-libreswan-service.c | 23 +++++++++++++++++++++--
- 1 file changed, 21 insertions(+), 2 deletions(-)
-
-diff --git a/src/nm-libreswan-service.c b/src/nm-libreswan-service.c
-index e58bc9e..7987ada 100644
---- a/src/nm-libreswan-service.c
-+++ b/src/nm-libreswan-service.c
-@@ -65,6 +65,7 @@ typedef NMVpnServicePlugin NMLibreswanPlugin;
- typedef NMVpnServicePluginClass NMLibreswanPluginClass;
-
- static GType nm_libreswan_plugin_get_type (void);
-+static bool is_leftmodecfgserver_enabled(NMSettingVpn *s_vpn);
-
- G_DEFINE_TYPE (NMLibreswanPlugin, nm_libreswan_plugin, NM_TYPE_VPN_SERVICE_PLUGIN)
-
-@@ -1296,8 +1297,8 @@ handle_callback (NMDBusLibreswanHelper *object,
-
- if ( priv->connection
- && (s_vpn = nm_connection_get_setting_vpn (priv->connection))
-- && (cstr = nm_setting_vpn_get_data_item (s_vpn, NM_LIBRESWAN_KEY_LEFTMODECFGCLIENT))
-- && nm_streq (cstr, "no")) {
-+ && !is_leftmodecfgserver_enabled(s_vpn)
-+ ) {
- /* no dynamic address needed */
- } else {
- /* IP address */
-@@ -2179,3 +2180,21 @@ main (int argc, char *argv[])
-
- exit (0);
- }
-+
-+static bool
-+is_leftmodecfgserver_enabled(NMSettingVpn *s_vpn)
-+{
-+ const char *auto_value;
-+ const char *cstr;
-+
-+ auto_value = nm_setting_vpn_get_data_item(s_vpn, NM_LIBRESWAN_KEY_NM_AUTO_DEFAULTS);
-+ if (auto_value && nm_streq(auto_value, "no")) {
-+ // undefined means false when `nm-auto-defaults: no`
-+ cstr = nm_setting_vpn_get_data_item(s_vpn, NM_LIBRESWAN_KEY_LEFTMODECFGCLIENT);
-+ return (cstr && nm_streq(cstr, "yes"));
-+ } else {
-+ // undefined means true
-+ cstr = nm_setting_vpn_get_data_item(s_vpn, NM_LIBRESWAN_KEY_LEFTMODECFGCLIENT);
-+ return !(cstr && nm_streq(cstr, "no"));
-+ }
-+}
---
-GitLab
-
diff --git a/NetworkManager-libreswan.spec b/NetworkManager-libreswan.spec
index 145ff5e..aad0985 100644
--- a/NetworkManager-libreswan.spec
+++ b/NetworkManager-libreswan.spec
@@ -14,15 +14,12 @@ Summary: NetworkManager VPN plug-in for IPsec VPN Name: NetworkManager-libreswan -Version: 1.2.26 -Release: 2%{?dist} +Version: 1.2.27 +Release: 1%{?dist} License: GPL-2.0-or-later URL: https://gitlab.gnome.org/GNOME/NetworkManager-libreswan Source0: https://download.gnome.org/sources/NetworkManager-libreswan/1.2/%{name}-%{version}.tar.xz -Patch0: https://gitlab.gnome.org/GNOME/NetworkManager-libreswan/-/commit/3ea80883fefc.patch#/0001-Add-nm-auto-defaults-option.patch -Patch1: https://gitlab.gnome.org/GNOME/NetworkManager-libreswan/-/commit/9b4467bd226d.patch#/0002-Treat-leftmodecfgserver-differently-according-to-nm-.patch - BuildRequires: make BuildRequires: gcc BuildRequires: gtk3-devel
@@ -126,6 +123,9 @@ mv %{buildroot}%{_sysconfdir}/dbus-1 %{buildroot}%{_datadir}/ %changelog +* Wed Oct 01 2025 Lubomir Rintel - 1.2.27-1 +- Update to later upstream release to address regressions (RHEL-56551) + * Mon May 12 2025 Lubomir Rintel - 1.2.26-2 - Add support for nm-auto-defaults (RHEL-85768)
diff --git a/sources b/sources
index ead13e9..599cd06 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (NetworkManager-libreswan-1.2.26.tar.xz) = d4ca93bb2a0b992e2ff342bc97fcbb41971ad28f4ad729b4f0eeaae71f9d1cabadbbd9c1e49077470e0dd4b0e4ad197f782459362e19488fe581ec669fb707a0
+SHA512 (NetworkManager-libreswan-1.2.27.tar.xz) = e2a8be105bd839a7aba72ef265609b7ddea5fae0f30deac08c2ea205c5455974012ee5d93e5f3fc9575c9ee33d42f5f3f52d1ed4f28a38c9685c71272035f129