LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   NetworkManager OpenVpn issue (https://www.linuxquestions.org/questions/linux-networking-3/networkmanager-openvpn-issue-865094/)

mrmnemo 02-25-2011 11:09 PM
NetworkManager OpenVpn issue
 
Hi,

I have an openvpn account. I am able to access the connection if I load the conf file from cli directly with openvpn. However, if using networkmanger the connection fails.

Logs:
Code:
NetworkManager[1485]: <info> Starting VPN service 'org.freedesktop.NetworkManager.openvpn'...
 NetworkManager[1485]: <info> VPN service 'org.freedesktop.NetworkManager.openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 7153
 NetworkManager[1485]: <info> VPN service 'org.freedesktop.NetworkManager.openvpn' appeared, activating connections
 NetworkManager[1485]: <info> VPN plugin state changed: 1
 NetworkManager[1485]: <info> VPN plugin state changed: 3
 NetworkManager[1485]: <info> VPN connection 'openAIR' (Connect) reply received.
 nm-openvpn[7156]: OpenVPN 2.1.0 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Jul 12 2010
 nm-openvpn[7156]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
 nm-openvpn[7156]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
 nm-openvpn[7156]: WARNING: file '/etc/openvpn/air/user.key' is group or others accessible
 nm-openvpn[7156]: /usr/bin/openssl-vulnkey -q -b 2048 -m <modulus omitted>
 nm-openvpn[7156]: LZO compression initialized
 nm-openvpn[7156]: Attempting to establish TCP connection with [AF_INET]94.23.211.188:443 [nonblock]
 nm-openvpn[7156]: TCP connection established with [AF_INET]94.23.211.188:443
 nm-openvpn[7156]: TCPv4_CLIENT link local: [undef]
 nm-openvpn[7156]: TCPv4_CLIENT link remote: [AF_INET]94.23.211.188:443
 nm-openvpn[7156]: [server] Peer Connection Initiated with [AF_INET]94.23.211.188:443
 NetworkManager[1485]:    SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/tun0, iface: tun0)
 NetworkManager[1485]:    SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/tun0, iface: tun0): no ifupdown configuration found.
 modem-manager: (net/tun0): could not get port's parent device
 nm-openvpn[7156]: TUN/TAP device tun0 opened
 nm-openvpn[7156]: /sbin/ifconfig tun0 10.5.5.110 pointopoint 10.5.5.109 mtu 1500
 nm-openvpn[7156]: /usr/lib/network-manager-openvpn/nm-openvpn-service-openvpn-helper tun0 1500 1560 10.5.5.110 10.5.5.109 init
 NetworkManager[1485]: <warn> VPN connection 'openAIR' (IP Config Get) timeout exceeded.
 nm-openvpn[7156]: Initialization Sequence Completed
 nm-openvpn[7156]: event_wait : Interrupted system call (code=4)
 nm-openvpn[7156]: /sbin/ifconfig tun0 0.0.0.0
 NetworkManager[1485]: <info> Policy set 'Auto elif' (wlan0) as default for IPv4 routing and DNS.
 avahi-daemon[1478]: Withdrawing workstation service for tun0.
 NetworkManager[1485]:    SCPlugin-Ifupdown: devices removed (path: /sys/devices/virtual/net/tun0, iface: tun0)
 nm-openvpn[7156]: SIGTERM[hard,] received, process exiting
The above is when launching via the networkmanager gui. The CLI via openvpn works just fine.

I use Ubuntu. However, newtworkmanager is used in many distros. I figure this has something to do with networkmanager. I would appreciate any help.

quanta 02-27-2011 09:58 AM
Here's some related info for you: https://bugs.launchpad.net/ubuntu/+s...nc/+bug/668874

mrmnemo 02-27-2011 11:21 AM
Thanks for posting that. I still have not figured it out. I just launch openVPN and pont it to the need info. Its something to do with NetworkManger's plugin for OpenVPN connections.

mrmnemo 02-27-2011 12:04 PM
ok, welll this is odd. It works now. Even more strange, I didnt perform an update. I am thinking a gremlin fixed it or something. However, I have no way of debugging or anything cause I have no idea what changed. My /etc/alternatives changed too. O well. Guess I will mark as solved. Sorry I cant post the reason it works now.

However, you can debug it by forcing the plugin to run under a few diff conditions ( this when I noticed it worked ). What you can do is make sure that the plugin is not running with:
Code:
ps -C nm-openvpn-service
Next, kill the service with:
Code:
sudo killall nm-openvpn-service
Next, youi can load the plugin using 32bit or 64bit plugins I am guessing. However, I am not sure if it makes a difference. All I know is the same file exist in multiple locations. In my case ( gremlins ) made all of them work. Essentially, run each of the below snippets in the terminal THEN use the NetworkManger gui to try and connect. The NetworkManager site at gnome showed this as the way to debug things. I just had to change the location of the libs used. For some reason the ones on the debug how to didnt exist.
Code:
sudo OPENVPN_DEBUG=1 /usr/lib64/network-manager-openvpn/nm-openvpn-service
or
Code:
sudo OPENVPN_DEBUG=1 /usr/lib/network-manager-openvpn/nm-openvpn-service
or
Code:
sudo OPENVPN_DEBUG=1 /usr/lib32/network-manager-openvpn/nm-openvpn-service

Hope this helps anyone else.


All times are GMT -5. The time now is 03:09 PM.