Networkmanager + OpenVPN : timeout problem (Fedora 10)

jonaskellens · 05-17-2009, 05:02 AM

I have a remote OpenVPN-server on an Endian firewall.
Authentication is set to username+password and a *.pem-certificate.

On my Fedora 10-system I have setup a new VPN-connection with NetworkManager :

gateway : IP-adres of the remote endian firewall / endian
type : password
CA Certificate : endian.pem (downloaded from endian firewall, generated automatically)

I have changed SELinux to grant access to OpenVPN to access the home directories. My endian.pem-certificate resides in /home/jonas.
(SELinux gave me this notice, and gave me the command to use. Very friendly of SELinux)

I have poked a hole in my firewall to open port 1194.

My router has PPTP and IPSec passthrough enabled.

Still... when I try to connect to the OpenVPNserver, it's taking too long and finally times out on "Requesting a VPN-address".

Where does it go wrong ?

tail -f /var/log/messages :

Code:

May 17 14:22:26 jonas NetworkManager: <info>  Starting VPN service 'org.freedesktop.NetworkManager.openvpn'...
May 17 14:22:26 jonas NetworkManager: <info>  VPN service 'org.freedesktop.NetworkManager.openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 3960
May 17 14:22:26 jonas NetworkManager: <info>  VPN service 'org.freedesktop.NetworkManager.openvpn' just appeared, activating connections
May 17 14:22:26 jonas NetworkManager: <info>  VPN plugin state changed: 1
May 17 14:22:26 jonas NetworkManager: <info>  VPN plugin state changed: 3
May 17 14:22:26 jonas nm-openvpn[3962]: OpenVPN 2.1_rc15 i386-redhat-linux-gnu [SSL] [LZO2] [EPOLL] built on Nov 30 2008
May 17 14:22:26 jonas NetworkManager: <info>  VPN connection 'VPN TCS' (Connect) reply received.
May 17 14:22:26 jonas nm-openvpn[3962]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
May 17 14:22:26 jonas nm-openvpn[3962]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
May 17 14:22:26 jonas nm-openvpn[3962]: UDPv4 link local: [undef]
May 17 14:22:26 jonas nm-openvpn[3962]: UDPv4 link remote: 78.21.41.176:1194
May 17 14:23:07 jonas NetworkManager: <info>  VPN connection 'VPN TCS' (IP Config Get) timeout exceeded.
May 17 14:23:07 jonas nm-openvpn[3962]: SIGTERM[hard,] received, process exiting
May 17 14:23:07 jonas NetworkManager: <info>  Policy set 'Auto JOCAN' (wlan0) as default for routing and DNS.

sj200449 · 10-27-2011, 09:06 AM

Did you resolve this as I am seeing the exact same issue with Fedora 15 to a Cisco 5520 when trying to use openvpn

Linux xxxxx 2.6.40.6-0.fc15.i686 #1 SMP Tue Oct 4 00:51:19 UTC 2011 i686 i686 i386 GNU/Linux

i even downloaded the pem cert and told openvpn about it in /etc/pki/tls/certs although i dont think that was needed as you tell the NetworkManager openvpn dialogue about it anyway (the cert)

pendrive · 10-27-2011, 10:01 AM

issue this command on the terminal and put the output here

$ openvpn /path/to/client.conf

sj200449 · 10-27-2011, 01:49 PM

Trying to find that file now, it is not in /etc/openvpn because i am using the network manager tool to configure the connection, having trouble but will post when i find it.

alternatively i may ignore network manager and try the fedora vpn page manually.

sj200449 · 10-31-2011, 05:03 AM

Having issues with time on this now. Will get back to it asap.

-Stephen

pendrive · 11-02-2011, 09:30 AM

find it from /usr/share/doc/openvpn/examples/sample-config-files/client.conf

copy it from there to /etc/openvpn/ and then config it to customize for yourself