[SOLVED] How to make a vpn connection persistent on reboot
Linux MintThis forum is for the discussion of Linux Mint.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have a workable vpn connection (NordVPN), which at present needs to be manually connected after each reboot. I would like to have the vpn automatically connected on startup. Is there a way to do this? Linux Mint 18 64bit, eth0 dhcp connection. Thanks
Are you using NetworkManager to manage your network settings? If so, a NetworkManager dispatcher script will do the job of starting the VPN as soon as the network is up. For example http://askubuntu.com/questions/43465...etwork-manager
Thanks for the reply. I've made some progress, but have stalled out now. I checked my connection names with
Code:
nmcli con show
as suggested and then used vim to make a
Code:
/etc/NetworkManager/dispatcher.d/vpn-up
script file from ferrari's link plugging in my eth0 and vpn connection names.
Code:
REQUIRED_CONNECTION_NAME="Ethernet connection dhcp"
VPN_CONNECTION_NAME="uk19.nordvpn.com.tcp443"
default_conn=$(nmcli con show --active | grep "${REQUIRED_CONNECTION_NAME}")
vpn_conn=$(nmcli con show id | grep "${VPN_CONNECTION_NAME}")
if [ "${default_conn}" -a ! "${vpn_conn}" ];
then
nmcli con up id "${VPN_CONNECTION_NAME}"
fi
After a restart /var/log/syslog showed a permissions error on this file, so I modified the permissions with
and the permissions seem to be fine now. But on startup now the vpn still won't connect automatically and the syslog file error message states:
Code:
Mar 25 15:15:02 x nm-dispatcher[1678]: Warning: password for 'vpn.secrets.password' not given in 'passwd-file' and nmcli cannot ask without '--ask' option.
Mar 25 15:15:02 x NetworkManager[1276]: <error> [1490469302.7591] vpn-connection[XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX,"XXXX.nordvpn.com.tcp443",0]: Failed to request VPN secrets #3: No agents were available for this request.
Mar 25 15:15:02 x nm-dispatcher[1678]: Error: Connection activation failed: no valid VPN secrets.
Mar 25 15:15:02 x nm-dispatcher: req:2 'up' [enp1s0], "/etc/NetworkManager/dispatcher.d/vpn-up": complete: failed with Script '/etc/NetworkManager/dispatcher.d/vpn-up' exited with error status 4.
Mar 25 15:15:02 x NetworkManager[1276]: <warn> [1490469302.7652] dispatcher: (3) vpn-up failed (failed): Script '/etc/NetworkManager/dispatcher.d/vpn-up' exited with error status 4.
I have tried plugging in my NordVPN password into the "Authentications" box of the Mint Network Connections entry for my vpn. But that doesn't solve the problem. Also I cannot find a "vpn.secrets.password" or "passwd-file" anywhere on my system as referenced in the /var/log/syslog errors.
You may need to (re)define the connections as system-wide connections first, so that the credentials are stored in the connection config files themselves, as opposed to a password manager (for user-specific connection profiles).
Afraid I'm having no success now. I have the system to the point, that on reboot the eth0 will not connect automatically. But if I click on eth0 in the NetworkManager menu, both eth0 and the vpn both connect. Checking my /var/log/syslog file, I now have the following entries:
Code:
Mar 25 22:41:45 x NetworkManager[1234]: <info> [1490496105.5056] vpn-connection[XXXXXXXXXXXX,"uk19.nordvpn.com.tcp443",0]: VPN connection: (ConnectInteractive) reply received
Mar 25 22:41:45 x nm-openvpn[1820]: Options error: --ca fails with '/home/x/.cert/nm-openvpn/uk19.nordvpn.com.tcp443-ca.pem': No such file or directory
Mar 25 22:41:45 x nm-openvpn[1820]: Options error: --tls-auth fails with '/home/x/.cert/nm-openvpn/uk19.nordvpn.com.tcp443-tls-auth.pem': No such file or directory
Mar 25 22:41:45 x nm-openvpn[1820]: Options error: Please correct these errors.
Mar 25 22:41:45 x NetworkManager[1234]: (nm-openvpn-service:1817): nm-openvpn-WARNING **: openvpn[1820] exited with error code 1
Mar 25 22:41:45 x nm-openvpn[1820]: Use --help for more information.
Mar 25 22:41:45 x NetworkManager[1234]: <warn> [1490496105.5090] vpn-connection[XXXXXXX,"uk19.nordvpn.com.tcp443",0]: VPN plugin: failed: connect-failed (1)
Mar 25 22:41:45 x NetworkManager[1234]: <warn> [1490496105.5090] vpn-connection[XXXXXXXXXXXXXXXXXXX,"uk19.nordvpn.com.tcp443",0]: VPN plugin: failed: connect-failed (1)
Mar 25 22:41:45 x NetworkManager[1234]: <info> [1490496105.5091] vpn-connection[XXXXXXXXXXXX,"uk19.nordvpn.com.tcp443",0]: VPN plugin: state changed: stopping (5)
Mar 25 22:41:45 x NetworkManager[1234]: <info> [1490496105.5092] vpn-connection[XXXXXXXXXXXXXXXXXXX,"uk19.nordvpn.com.tcp443",0]: VPN plugin: state changed: stopped (6)
Mar 25 22:41:45 x NetworkManager[1234]: <info> [1490496105.5104] vpn-connection[XXXXXXXXXX,"uk19.nordvpn.com.tcp443",0]: VPN plugin: state change reason: unknown (0)
Mar 25 22:41:45 x NetworkManager[1234]: <info> [1490496105.5104] device (enp1s0): state change: secondaries -> failed (reason 'secondary-connection-failed') [90 120 54]
Mar 25 22:41:45 x NetworkManager[1234]: <info> [1490496105.5106] manager: NetworkManager state is now DISCONNECTED
I have checked and I do have the files listed as problems:
Yes ferrari, I am using an encrypted /home folder.
Well, there's the problem right there. You should relocate the relevant files to a directory outside of the encrypted home folder. The VPN connection will need to be edited to reflect the new location of the .pem files as well.
folder. But the eth0 with the vpn still will not autostart on reboot. After searching through the syslog file and my filesystem for hours, I cannot find a file, that on initial startup will direct (openvpn?) to go to my new location to read the .pem files. I am assuming my eth0 will not start up automatically, because it now linked via NetworkManager with the vpn and as you have stated, my .pem files need to be accessed outside of the encrypted /home.
I'm not sure if I completely understand you. The VPN connection profile is stored in the /etc/NetworkManager/system-connections/ directory eg /etc/NetworkManager/system-connections//uk19.nordvpn.com.tcp443
It should contain the path to the .pem files. You can either edit the connection via NM or edit the file directly (as root).
have a uk19.nordvpn.com.tcp443 and also a uk19.nordvpn.com.tcp443_ file, the latter having permissions that needed sudo cat to read. The latter file is the one, with the path to the two .pem files. I had been ignoring this file before. Will modify those entries with vim and reboot to see what happens. The first of the two uk19 files is empty and I had assumed the other was as well. I will do the mods and report back. Many thanks ferrari.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.