LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 06-20-2016, 12:39 PM   #1
l1m0n4d3
Member
 
Registered: Apr 2016
Location: Munich
Distribution: openSUSE Leap 15.1
Posts: 34

Rep: Reputation: Disabled
Issues with OpenVPN when trying to connect via GUI


I use ibVPN as service.

Connections via CLI do not give any kind of problem:
Code:
# openvpn --config ibVPN_Germany_\(Frankfurt_1\).ovpn
Mon Jun 20 18:21:19 2016 OpenVPN 2.3.10 x86_64-suse-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jan  4 2016
Mon Jun 20 18:21:19 2016 library versions: OpenSSL 1.0.1i-fips 6 Aug 2014, LZO 2.08
Mon Jun 20 18:21:19 2016 WARNING: file 'user_pass.txt' is group or others accessible
Mon Jun 20 18:21:19 2016 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mon Jun 20 18:21:19 2016 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1502)
Mon Jun 20 18:21:19 2016 Socket Buffers: R=[87380->87380] S=[16384->16384]
Mon Jun 20 18:21:20 2016 Attempting to establish TCP connection with [AF_INET]178.162.197.145:1194 [nonblock]
Mon Jun 20 18:21:21 2016 TCP connection established with [AF_INET]178.162.197.145:1194
Mon Jun 20 18:21:21 2016 TCPv4_CLIENT link local: [undef]
Mon Jun 20 18:21:21 2016 TCPv4_CLIENT link remote: [AF_INET]178.162.197.145:1194
Mon Jun 20 18:21:21 2016 TLS: Initial packet from [AF_INET]178.162.197.145:1194, sid=a24ab55f 48685518
Mon Jun 20 18:21:21 2016 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Jun 20 18:21:21 2016 VERIFY OK: depth=1, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, CN=Fort-Funston CA, emailAddress=me@myhost.mydomain
Mon Jun 20 18:21:21 2016 VERIFY OK: nsCertType=SERVER
Mon Jun 20 18:21:21 2016 VERIFY OK: depth=0, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, CN=server, emailAddress=me@myhost.mydomain
Mon Jun 20 18:21:21 2016 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1578', remote='link-mtu 1576'
Mon Jun 20 18:21:21 2016 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1534', remote='tun-mtu 1532'
Mon Jun 20 18:21:21 2016 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jun 20 18:21:21 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jun 20 18:21:21 2016 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jun 20 18:21:21 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jun 20 18:21:21 2016 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
Mon Jun 20 18:21:21 2016 [server] Peer Connection Initiated with [AF_INET]178.162.197.145:1194
Mon Jun 20 18:21:23 2016 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Mon Jun 20 18:21:23 2016 PUSH: Received control message: 'PUSH_REPLY,show-net-up,route-gateway 10.10.20.1,ping 10,ping-restart 60,redirect-gateway def1,dhcp-option DNS 1.2.3.4,ifconfig 10.10.20.5 255.255.255.0'
Mon Jun 20 18:21:23 2016 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:1: show-net-up (2.3.10)
Mon Jun 20 18:21:23 2016 OPTIONS IMPORT: timers and/or timeouts modified
Mon Jun 20 18:21:23 2016 OPTIONS IMPORT: --ifconfig/up options modified
Mon Jun 20 18:21:23 2016 OPTIONS IMPORT: route options modified
Mon Jun 20 18:21:23 2016 OPTIONS IMPORT: route-related options modified
Mon Jun 20 18:21:23 2016 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mon Jun 20 18:21:23 2016 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=eth0 HWADDR=f4:6d:04:7f:17:10
Mon Jun 20 18:21:23 2016 TUN/TAP device tap0 opened
Mon Jun 20 18:21:23 2016 TUN/TAP TX queue length set to 100
Mon Jun 20 18:21:23 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mon Jun 20 18:21:23 2016 /bin/ip link set dev tap0 up mtu 1502
Mon Jun 20 18:21:23 2016 /bin/ip addr add dev tap0 10.10.20.5/24 broadcast 10.10.20.255
Mon Jun 20 18:21:23 2016 client.up tap0 1502 1578 10.10.20.5 255.255.255.0 init
Mon Jun 20 18:21:25 2016 /bin/ip route add 178.162.197.145/32 via 192.168.1.1
Mon Jun 20 18:21:25 2016 /bin/ip route add 0.0.0.0/1 via 10.10.20.1
Mon Jun 20 18:21:25 2016 /bin/ip route add 128.0.0.0/1 via 10.10.20.1
Mon Jun 20 18:21:25 2016 Initialization Sequence Completed
But when it comes to graphic interface, in this case NetworkManager, I can get this connection neither stable (spontaneous disconnection after a couple of minutes) nor working (no destination is reachable).

That's what log displays to me in this mode:
Code:
#journalctl --since=2016-06-20 | grep vpn | tail
Jun 20 17:36:44 Asus-X52F nm-openvpn[13487]: Bad LZO decompression header byte: 0
Jun 20 17:36:44 Asus-X52F nm-openvpn[13487]: Bad LZO decompression header byte: 0
Jun 20 17:36:45 Asus-X52F nm-openvpn[13487]: Bad LZO decompression header byte: 0
Jun 20 17:36:45 Asus-X52F nm-openvpn[13487]: Bad LZO decompression header byte: 0
Jun 20 17:36:46 Asus-X52F nm-openvpn[13487]: Bad LZO decompression header byte: 0
Jun 20 17:36:46 Asus-X52F nm-openvpn[13487]: Bad LZO decompression header byte: 0
Jun 20 17:36:47 Asus-X52F nm-openvpn[13487]: Bad LZO decompression header byte: 0
Jun 20 17:36:47 Asus-X52F nm-openvpn[13487]: Bad LZO decompression header byte: 0
Jun 20 17:36:48 Asus-X52F nm-openvpn[13487]: Bad LZO decompression header byte: 0
Jun 20 17:36:48 Asus-X52F nm-openvpn[13487]: Bad LZO decompression header byte: 0
Pretty weird, I created connection from the identical file as above.
Code:
remote de1.ibvpn.com 1194 tcp
remote 178.162.221.62 1194 tcp
auth-user-pass user_pass.txt
up 'client.up'
down 'client.down'
link-mtu 1578
dev tap
server-poll-timeout 20
client
nobind
resolv-retry infinite
auth-retry nointeract
persist-key
persist-tun
mute-replay-warnings
comp-lzo
verb 3
mute 20
ns-cert-type server
route-method exe
route-delay 2
script-security 3 system
reneg-sec 0
<ca>
-----BEGIN CERTIFICATE-----
[…]
-----END CERTIFICATE-----
</ca>
Why don't I get the same behavior in both cases, if it's the same configuration file with apparently same parameters?

OS: Linux Leap, KDE Plasma 5.6.90

Last edited by l1m0n4d3; 06-20-2016 at 12:41 PM.
 
Old 06-22-2016, 03:39 PM   #2
nini09
Senior Member
 
Registered: Apr 2009
Posts: 1,839

Rep: Reputation: 160Reputation: 160
Post complete log when network manager is used instead of error log only.
 
Old 06-23-2016, 03:25 AM   #3
l1m0n4d3
Member
 
Registered: Apr 2016
Location: Munich
Distribution: openSUSE Leap 15.1
Posts: 34

Original Poster
Rep: Reputation: Disabled
Do you mean something like this?

Code:
# journalctl --since=2016-06-20 -u NetworkManager
Jun 20 18:44:34 Asus-X52F NetworkManager[990]: (nm-openvpn-service:18806): nm-openvpn-WARNING **: (nm-openvpn-service.c:1269):nm_openvpn_start_openvpn_binary: runtime check failed: (priv->mgt_path == NULL)
Jun 20 18:44:34 Asus-X52F NetworkManager[990]: (nm-openvpn-service:18806): nm-openvpn-WARNING **: Directory '/var/lib/openvpn/chroot' not usable for chroot by 'nm-openvpn', openvpn will not be chrooted.
Jun 20 18:44:34 Asus-X52F NetworkManager[990]: <info>  VPN plugin state changed: starting (3)
Jun 20 18:44:34 Asus-X52F NetworkManager[990]: nm-openvpn-Message: openvpn started with pid 19523
Jun 20 18:44:34 Asus-X52F NetworkManager[990]: <info>  VPN connection 'ibVPN_Germany_(Frankfurt_1)' (Connect) reply received.
Jun 20 18:44:34 Asus-X52F nm-openvpn[19523]: OpenVPN 2.3.10 x86_64-suse-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jan  4 2016
Jun 20 18:44:34 Asus-X52F nm-openvpn[19523]: library versions: OpenSSL 1.0.1i-fips 6 Aug 2014, LZO 2.08
Jun 20 18:44:34 Asus-X52F nm-openvpn[19523]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Jun 20 18:44:34 Asus-X52F nm-openvpn[19523]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jun 20 18:44:34 Asus-X52F nm-openvpn[19523]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Jun 20 18:44:34 Asus-X52F nm-openvpn[19523]: UDPv4 link local: [undef]
Jun 20 18:44:34 Asus-X52F nm-openvpn[19523]: UDPv4 link remote: [AF_INET]178.162.221.62:1194
Jun 20 18:44:35 Asus-X52F nm-openvpn[19523]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1574', remote='link-mtu 1578'
Jun 20 18:44:35 Asus-X52F nm-openvpn[19523]: WARNING: 'mtu-dynamic' is present in remote config but missing in local config, remote='mtu-dynamic'
Jun 20 18:44:35 Asus-X52F nm-openvpn[19523]: [server] Peer Connection Initiated with [AF_INET]178.162.221.62:1194
Jun 20 18:44:37 Asus-X52F nm-openvpn[19523]: Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:1: show-net-up (2.3.10)
Jun 20 18:44:37 Asus-X52F nm-openvpn[19523]: TUN/TAP device tap0 opened
Jun 20 18:44:37 Asus-X52F nm-openvpn[19523]: /usr/lib/nm-openvpn-service-openvpn-helper --tap -- tap0 1500 1574 10.10.10.17 255.255.255.0 init
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>  (tap0): new Tun device (carrier: OFF, driver: 'tun', ifindex: 33)
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>  VPN connection 'ibVPN_Germany_(Frankfurt_1)' (IP Config Get) reply received.
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>  VPN connection 'ibVPN_Germany_(Frankfurt_1)' (IP4 Config Get) reply received.
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>  VPN Gateway: 178.162.221.62
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>  Tunnel Device: tap0
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>  IPv4 configuration:
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>    Internal Gateway: 10.10.10.1
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>    Internal Address: 10.10.10.17
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>    Internal Prefix: 24
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>    Internal Point-to-Point Address: 0.0.0.0
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>    Maximum Segment Size (MSS): 0
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>    Forbid Default Route: no
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>    Internal DNS: 1.2.3.4
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>    DNS Domain: '(none)'
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>  No IPv6 configuration
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>  VPN plugin state changed: started (4)
Jun 20 18:44:37 Asus-X52F nm-openvpn[19523]: GID set to nm-openvpn
Jun 20 18:44:37 Asus-X52F nm-openvpn[19523]: UID set to nm-openvpn
Jun 20 18:44:37 Asus-X52F nm-openvpn[19523]: Initialization Sequence Completed
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>  VPN connection 'ibVPN_Germany_(Frankfurt_1)' (IP Config Get) complete.
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>  (tap0): link connected
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>  NetworkManager state is now CONNECTED_LOCAL
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>  NetworkManager state is now CONNECTED_GLOBAL
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: dns-resolver: ATTENTION: You have modified /etc/resolv.conf. Leaving it untouched...
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: dns-resolver: You can find my version in /etc/resolv.conf.netconfig
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: ATTENTION: You have modified /etc/resolv.conf.  Leaving it untouched...
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: You can find my version in /etc/resolv.conf.netconfig ...
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: dns-resolver: ATTENTION: You have modified /etc/resolv.conf. Leaving it untouched...
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: dns-resolver: You can find my version in /etc/resolv.conf.netconfig
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: ATTENTION: You have modified /etc/resolv.conf.  Leaving it untouched...
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: You can find my version in /etc/resolv.conf.netconfig ...
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>  No IPv6 configuration
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>  VPN plugin state changed: started (4)
Jun 20 18:44:37 Asus-X52F nm-openvpn[19523]: GID set to nm-openvpn
Jun 20 18:44:37 Asus-X52F nm-openvpn[19523]: UID set to nm-openvpn
Jun 20 18:44:37 Asus-X52F nm-openvpn[19523]: Initialization Sequence Completed
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>  VPN connection 'ibVPN_Germany_(Frankfurt_1)' (IP Config Get) complete.
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>  (tap0): link connected
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>  NetworkManager state is now CONNECTED_LOCAL
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: <info>  NetworkManager state is now CONNECTED_GLOBAL
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: dns-resolver: ATTENTION: You have modified /etc/resolv.conf. Leaving it untouched...
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: dns-resolver: You can find my version in /etc/resolv.conf.netconfig
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: ATTENTION: You have modified /etc/resolv.conf.  Leaving it untouched...
Jun 20 18:44:37 Asus-X52F NetworkManager[990]: You can find my version in /etc/resolv.conf.netconfig ...
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: dns-resolver: ATTENTION: You have modified /etc/resolv.conf. Leaving it untouched...
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: dns-resolver: You can find my version in /etc/resolv.conf.netconfig
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: ATTENTION: You have modified /etc/resolv.conf.  Leaving it untouched...
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: You can find my version in /etc/resolv.conf.netconfig ...
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: <info>  keyfile: add connection in-memory (ad092ddd-37e7-4dba-b010-7845641eb892,"tap0")
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: <info>  (tap0): device state change: unmanaged -> unavailable (reason 'connection-assumed') [10 20 41]
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: <info>  (tap0): device state change: unavailable -> disconnected (reason 'connection-assumed') [20 30 41]
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: <info>  (tap0): Activation: starting connection 'tap0' (ad092ddd-37e7-4dba-b010-7845641eb892)
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: dns-resolver: ATTENTION: You have modified /etc/resolv.conf. Leaving it untouched...
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: dns-resolver: You can find my version in /etc/resolv.conf.netconfig
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: ATTENTION: You have modified /etc/resolv.conf.  Leaving it untouched...
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: You can find my version in /etc/resolv.conf.netconfig ...
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: <info>  (tap0): device state change: disconnected -> prepare (reason 'none') [30 40 0]
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: <info>  (tap0): device state change: prepare -> config (reason 'none') [40 50 0]
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: <info>  (tap0): device state change: config -> ip-config (reason 'none') [50 70 0]
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: <info>  (tap0): device state change: ip-config -> ip-check (reason 'none') [70 80 0]
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: <info>  (tap0): device state change: ip-check -> secondaries (reason 'none') [80 90 0]
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: <info>  (tap0): device state change: secondaries -> activated (reason 'none') [90 100 0]
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: <info>  NetworkManager state is now CONNECTED_LOCAL
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: <info>  NetworkManager state is now CONNECTED_GLOBAL
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: <info>  Policy set 'tap0' (tap0) as default for IPv4 routing and DNS.
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: dns-resolver: ATTENTION: You have modified /etc/resolv.conf. Leaving it untouched...
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: dns-resolver: You can find my version in /etc/resolv.conf.netconfig
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: ATTENTION: You have modified /etc/resolv.conf.  Leaving it untouched...
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: You can find my version in /etc/resolv.conf.netconfig ...
Jun 20 18:44:38 Asus-X52F NetworkManager[990]: <info>  (tap0): Activation: successful, device activated.
Jun 20 18:44:47 Asus-X52F nm-openvpn[19523]: Bad LZO decompression header byte: 0
Jun 20 18:44:57 Asus-X52F nm-openvpn[19523]: Bad LZO decompression header byte: 0
Jun 20 18:45:07 Asus-X52F nm-openvpn[19523]: Bad LZO decompression header byte: 0
Jun 20 18:45:10 Asus-X52F dns-resolver[20054]: ATTENTION: You have modified /etc/resolv.conf. Leaving it untouched...
Jun 20 18:45:10 Asus-X52F dns-resolver[20056]: You can find my version in /etc/resolv.conf.netconfig
Jun 20 18:45:10 Asus-X52F NetworkManager[990]: dns-resolver: ATTENTION: You have modified /etc/resolv.conf. Leaving it untouched...
Jun 20 18:45:10 Asus-X52F NetworkManager[990]: dns-resolver: You can find my version in /etc/resolv.conf.netconfig
Jun 20 18:45:10 Asus-X52F NetworkManager[990]: ATTENTION: You have modified /etc/resolv.conf.  Leaving it untouched...
Jun 20 18:45:10 Asus-X52F NetworkManager[990]: You can find my version in /etc/resolv.conf.netconfig ...
Jun 20 18:45:10 Asus-X52F NetworkManager[990]: nm-openvpn-Message: Terminated openvpn daemon with PID 19523.
Jun 20 18:45:10 Asus-X52F NetworkManager[990]: <error> [1466441110.178161] [platform/nm-linux-platform.c:2816] do_change_link(): platform-linux: do-change-link: failure changing link 33: No such device (31)
Jun 20 18:45:10 Asus-X52F NetworkManager[990]: <info>  NetworkManager state is now CONNECTED_LOCAL
Jun 20 18:45:10 Asus-X52F NetworkManager[990]: <info>  NetworkManager state is now CONNECTED_GLOBAL
Jun 20 18:45:10 Asus-X52F NetworkManager[990]: <info>  Policy set 'Ethernet' (eth0) as default for IPv4 routing and DNS.
Jun 20 18:45:10 Asus-X52F nm-openvpn[19523]: SIGTERM[hard,] received, process exiting
 
Old 06-23-2016, 03:41 PM   #4
nini09
Senior Member
 
Registered: Apr 2009
Posts: 1,839

Rep: Reputation: 160Reputation: 160
How do you install Network-Manager OpenVPN? It has problem at very begin point.
 
Old 06-23-2016, 06:01 PM   #5
l1m0n4d3
Member
 
Registered: Apr 2016
Location: Munich
Distribution: openSUSE Leap 15.1
Posts: 34

Original Poster
Rep: Reputation: Disabled
YaST. Why?
 
Old 06-24-2016, 03:46 PM   #6
nini09
Senior Member
 
Registered: Apr 2009
Posts: 1,839

Rep: Reputation: 160Reputation: 160
I doubt your installation is wrong.
 
Old 06-26-2016, 05:47 PM   #7
l1m0n4d3
Member
 
Registered: Apr 2016
Location: Munich
Distribution: openSUSE Leap 15.1
Posts: 34

Original Poster
Rep: Reputation: Disabled
Angry Reinstalled, nothing changed

Doing
Code:
# zypper rm plasma-nm5-openvpn NetworkManager-openvpn
then
Code:
# zypper in plasma-nm5-openvpn NetworkManager-openvpn
did not solve my issue.
Code:
# journalctl --since=2016-06-26 -u NetworkManager
Jun 26 23:34:04 Asus-X52F NetworkManager[1014]: <info>  Starting VPN service 'openvpn'...
Jun 26 23:34:04 Asus-X52F NetworkManager[1014]: <info>  VPN service 'openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 6916
Jun 26 23:34:04 Asus-X52F NetworkManager[1014]: <info>  VPN service 'openvpn' appeared; activating connections
Jun 26 23:34:04 Asus-X52F NetworkManager[1014]: (nm-openvpn-service:6916): nm-openvpn-WARNING **: Directory '/var/lib/openvpn/chroot' not usable for chroot by 'nm-openvpn', openvpn will not be chrooted.
Jun 26 23:34:04 Asus-X52F NetworkManager[1014]: <info>  VPN plugin state changed: starting (3)
Jun 26 23:34:04 Asus-X52F NetworkManager[1014]: nm-openvpn-Message: openvpn started with pid 6920
Jun 26 23:34:04 Asus-X52F NetworkManager[1014]: <info>  VPN connection 'ibVPN_Germany_(Frankfurt_1)' (Connect) reply received.
Jun 26 23:34:04 Asus-X52F nm-openvpn[6920]: OpenVPN 2.3.10 x86_64-suse-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jan  4 2016
Jun 26 23:34:04 Asus-X52F nm-openvpn[6920]: library versions: OpenSSL 1.0.1i-fips 6 Aug 2014, LZO 2.08
Jun 26 23:34:04 Asus-X52F nm-openvpn[6920]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Jun 26 23:34:04 Asus-X52F nm-openvpn[6920]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jun 26 23:34:04 Asus-X52F nm-openvpn[6920]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Jun 26 23:34:04 Asus-X52F nm-openvpn[6920]: UDPv4 link local: [undef]
Jun 26 23:34:04 Asus-X52F nm-openvpn[6920]: UDPv4 link remote: [AF_INET]178.162.221.62:1194
Jun 26 23:34:04 Asus-X52F nm-openvpn[6920]: WARNING: 'dev-type' is used inconsistently, local='dev-type tun', remote='dev-type tap'
Jun 26 23:34:04 Asus-X52F nm-openvpn[6920]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1542', remote='link-mtu 1578'
Jun 26 23:34:04 Asus-X52F nm-openvpn[6920]: WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1500', remote='tun-mtu 1532'
Jun 26 23:34:04 Asus-X52F nm-openvpn[6920]: WARNING: 'mtu-dynamic' is present in remote config but missing in local config, remote='mtu-dynamic'
Jun 26 23:34:04 Asus-X52F nm-openvpn[6920]: [server] Peer Connection Initiated with [AF_INET]178.162.221.62:1194
Jun 26 23:34:07 Asus-X52F nm-openvpn[6920]: Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:1: show-net-up (2.3.10)
Jun 26 23:34:07 Asus-X52F nm-openvpn[6920]: WARNING: Since you are using --dev tun with a point-to-point topology, the second argument to --ifconfig must be an IP address.  You are using something (255.255.255.0) that looks more like a n
Jun 26 23:34:07 Asus-X52F nm-openvpn[6920]: TUN/TAP device tun0 opened
Jun 26 23:34:07 Asus-X52F nm-openvpn[6920]: /usr/lib/nm-openvpn-service-openvpn-helper --tun -- tun0 1500 1542 10.10.10.2 255.255.255.0 init
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: <info>  (tun0): new Tun device (carrier: OFF, driver: 'tun', ifindex: 4)
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: <info>  VPN connection 'ibVPN_Germany_(Frankfurt_1)' (IP Config Get) reply received.
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: <info>  VPN connection 'ibVPN_Germany_(Frankfurt_1)' (IP4 Config Get) reply received.
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: <info>  VPN Gateway: 178.162.221.62
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: <info>  Tunnel Device: tun0
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: <info>  IPv4 configuration:
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: <info>    Internal Gateway: 10.10.10.1
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: <info>    Internal Address: 10.10.10.2
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: <info>    Internal Prefix: 24
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: <info>    Internal Point-to-Point Address: 0.0.0.0
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: <info>    Maximum Segment Size (MSS): 0
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: <info>    Forbid Default Route: no
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: <info>    Internal DNS: 1.2.3.4
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: <info>    DNS Domain: '(none)'
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: <info>  No IPv6 configuration
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: <info>  VPN plugin state changed: started (4)
Jun 26 23:34:07 Asus-X52F nm-openvpn[6920]: GID set to nm-openvpn
Jun 26 23:34:07 Asus-X52F nm-openvpn[6920]: UID set to nm-openvpn
Jun 26 23:34:07 Asus-X52F nm-openvpn[6920]: Initialization Sequence Completed
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: <info>  VPN connection 'ibVPN_Germany_(Frankfurt_1)' (IP Config Get) complete.
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: <info>  (tun0): link connected
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: <info>  NetworkManager state is now CONNECTED_LOCAL
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: <info>  NetworkManager state is now CONNECTED_GLOBAL
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: dns-resolver: ATTENTION: You have modified /etc/resolv.conf. Leaving it untouched...
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: dns-resolver: You can find my version in /etc/resolv.conf.netconfig
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: ATTENTION: You have modified /etc/resolv.conf.  Leaving it untouched...
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: You can find my version in /etc/resolv.conf.netconfig ...
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: dns-resolver: ATTENTION: You have modified /etc/resolv.conf. Leaving it untouched...
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: dns-resolver: You can find my version in /etc/resolv.conf.netconfig
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: ATTENTION: You have modified /etc/resolv.conf.  Leaving it untouched...
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: You can find my version in /etc/resolv.conf.netconfig ...
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: <info>  keyfile: add connection in-memory (edd2cd03-18da-40fa-85a2-ab3c6ec5733c,"tun0")
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: <info>  (tun0): device state change: unmanaged -> unavailable (reason 'connection-assumed') [10 20 41]
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: <info>  (tun0): device state change: unavailable -> disconnected (reason 'connection-assumed') [20 30 41]
Jun 26 23:34:07 Asus-X52F NetworkManager[1014]: <info>  (tun0): Activation: starting connection 'tun0' (edd2cd03-18da-40fa-85a2-ab3c6ec5733c)
Jun 26 23:34:08 Asus-X52F NetworkManager[1014]: dns-resolver: ATTENTION: You have modified /etc/resolv.conf. Leaving it untouched...
Jun 26 23:34:08 Asus-X52F NetworkManager[1014]: dns-resolver: You can find my version in /etc/resolv.conf.netconfig
Jun 26 23:34:08 Asus-X52F NetworkManager[1014]: ATTENTION: You have modified /etc/resolv.conf.  Leaving it untouched...
Jun 26 23:34:08 Asus-X52F NetworkManager[1014]: You can find my version in /etc/resolv.conf.netconfig ...
Jun 26 23:34:08 Asus-X52F NetworkManager[1014]: <info>  (tun0): device state change: disconnected -> prepare (reason 'none') [30 40 0]
Jun 26 23:34:08 Asus-X52F NetworkManager[1014]: <info>  (tun0): device state change: prepare -> config (reason 'none') [40 50 0]
Jun 26 23:34:08 Asus-X52F NetworkManager[1014]: <info>  (tun0): device state change: config -> ip-config (reason 'none') [50 70 0]
Jun 26 23:34:08 Asus-X52F NetworkManager[1014]: <info>  (tun0): device state change: ip-config -> ip-check (reason 'none') [70 80 0]
Jun 26 23:34:08 Asus-X52F NetworkManager[1014]: <info>  (tun0): device state change: ip-check -> secondaries (reason 'none') [80 90 0]
Jun 26 23:34:08 Asus-X52F NetworkManager[1014]: <info>  (tun0): device state change: secondaries -> activated (reason 'none') [90 100 0]
Jun 26 23:34:08 Asus-X52F NetworkManager[1014]: <info>  NetworkManager state is now CONNECTED_LOCAL
Jun 26 23:34:08 Asus-X52F NetworkManager[1014]: <info>  NetworkManager state is now CONNECTED_GLOBAL
Jun 26 23:34:08 Asus-X52F NetworkManager[1014]: <info>  Policy set 'tun0' (tun0) as default for IPv4 routing and DNS.
Jun 26 23:34:08 Asus-X52F NetworkManager[1014]: dns-resolver: ATTENTION: You have modified /etc/resolv.conf. Leaving it untouched...
Jun 26 23:34:08 Asus-X52F NetworkManager[1014]: dns-resolver: You can find my version in /etc/resolv.conf.netconfig
Jun 26 23:34:08 Asus-X52F NetworkManager[1014]: ATTENTION: You have modified /etc/resolv.conf.  Leaving it untouched...
Jun 26 23:34:08 Asus-X52F NetworkManager[1014]: You can find my version in /etc/resolv.conf.netconfig ...
Jun 26 23:34:08 Asus-X52F NetworkManager[1014]: <info>  (tun0): Activation: successful, device activated.
Jun 26 23:34:17 Asus-X52F nm-openvpn[6920]: Bad LZO decompression header byte: 0
Jun 26 23:34:28 Asus-X52F nm-openvpn[6920]: Bad LZO decompression header byte: 0
Jun 26 23:34:38 Asus-X52F nm-openvpn[6920]: Bad LZO decompression header byte: 0
Jun 26 23:34:48 Asus-X52F nm-openvpn[6920]: Bad LZO decompression header byte: 0
Jun 26 23:34:58 Asus-X52F nm-openvpn[6920]: Bad LZO decompression header byte: 0
Jun 26 23:35:07 Asus-X52F nm-openvpn[6920]: [server] Inactivity timeout (--ping-restart), restarting
Jun 26 23:35:07 Asus-X52F nm-openvpn[6920]: SIGUSR1[soft,ping-restart] received, process restarting
Jun 26 23:35:09 Asus-X52F nm-openvpn[6920]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Jun 26 23:35:09 Asus-X52F nm-openvpn[6920]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
 
Old 06-27-2016, 04:29 PM   #8
nini09
Senior Member
 
Registered: Apr 2009
Posts: 1,839

Rep: Reputation: 160Reputation: 160
Do you download certificate from server?
 
Old 06-28-2016, 03:38 AM   #9
l1m0n4d3
Member
 
Registered: Apr 2016
Location: Munich
Distribution: openSUSE Leap 15.1
Posts: 34

Original Poster
Rep: Reputation: Disabled
No, I don't. I would do it if clearly requested.
 
Old 06-28-2016, 03:30 PM   #10
nini09
Senior Member
 
Registered: Apr 2009
Posts: 1,839

Rep: Reputation: 160Reputation: 160
In configuration file, ns-cert-type server request certificate on server and client.
 
Old 06-28-2016, 03:49 PM   #11
l1m0n4d3
Member
 
Registered: Apr 2016
Location: Munich
Distribution: openSUSE Leap 15.1
Posts: 34

Original Poster
Rep: Reputation: Disabled
Sorry, I was mistaken thinking about an option to activate in the advanced settings.
Do you have a clue, how I can fix this?
Or is something buggy?
 
Old 06-29-2016, 04:11 PM   #12
nini09
Senior Member
 
Registered: Apr 2009
Posts: 1,839

Rep: Reputation: 160Reputation: 160
For recommedating setup on OpenSuse leap, certificate is requested.
If you want, you can follow following link to try without certificate.
http://bitcube.co.uk/content/openvpn-howto
 
Old 07-04-2016, 09:23 AM   #13
l1m0n4d3
Member
 
Registered: Apr 2016
Location: Munich
Distribution: openSUSE Leap 15.1
Posts: 34

Original Poster
Rep: Reputation: Disabled
Maybe we don't understand each other. I created the connections by strictly following instructions from VPN provider, but over GUI they do not work.
They work only via command line.
I'd like to finally get my VPN connections working when using GUI. Do you have any clue, what's going wrong here?
Thanks in advance for every helpful answer.
 
Old 07-05-2016, 03:21 PM   #14
nini09
Senior Member
 
Registered: Apr 2009
Posts: 1,839

Rep: Reputation: 160Reputation: 160
Is strict instructions from VPN provider CLI or GUI?
 
Old 07-05-2016, 03:47 PM   #15
l1m0n4d3
Member
 
Registered: Apr 2016
Location: Munich
Distribution: openSUSE Leap 15.1
Posts: 34

Original Poster
Rep: Reputation: Disabled
Summary: VPN connection works over command line, does not if I try to establish it by clicking on "Connect".
Is it so hard to understand?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Smallest non-GUI distro for sshd and openvpn lothario Linux - Distributions 18 01-17-2012 02:58 PM
OpenVPN Client GUI for Windows 7 64Bit turiyain Linux - Server 1 02-10-2011 03:43 AM
Any OpenVPN gui Client for Centos turiyain Linux - Desktop 2 08-23-2010 01:51 AM
OpenVPN client has not default gateway when connect to OpenVPN server sailershen Linux - Security 3 03-04-2010 03:20 AM
How does OpenVPN Linux server issues IP and netmask to OpenVPN clients on Windows XP pssompura Linux - Networking 0 12-24-2009 03:42 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 10:30 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration