Hi, I have set up a small OpenVPN configuration using shared keys. The first peer is set up using the following command:
openvpn --remote x.x.x.x --dev tun --ifconfig 10.4.0.2 10.4.0.1 --secret openvpn.key --float The second peer can connect to the first one using this command: openvpn --remote y.y.y.y --dev tun --ifconfig 10.4.0.1 10.4.0.2 --secret openvpn.key I tried the same with NetworkManager and this configuration: Gateway: y.y.y.y Connection Type: Pre-shared Key Shared Key: openvpn.key Local IP: 10.4.0.2 Remote IP: 10.4.0.1 Result was that no connection was established. Watching a bit deeper in the code I noticed that nm-openvpn-service-openvpn-helper returned an error because it did not receive a gateway. The following patch allows to use an OpenVPN Connection without getting a gateway. This patch applies fine against HEAD and STABLE. Does somebody have any concerns about giving NM no gateway address? Regards, Helmut
--- src/nm-openvpn-service-openvpn-helper.c +++ src/nm-openvpn-service-openvpn-helper.c @@ -218,10 +218,12 @@ return FALSE; } - if (! ipstr_to_uint32 (str_vpn_gateway, &uint_vpn_gateway) ) { - nm_warning ("nm-openvpn-service-openvpn-helper didn't receive a valid VPN Gateway from openvpn."); - send_config_error (con, "VPN Gateway"); - goto out; + if (str_vpn_gateway) { + if (! ipstr_to_uint32 (str_vpn_gateway, &uint_vpn_gateway) ) { + nm_warning ("nm-openvpn-service-openvpn-helper didn't receive a valid VPN Gateway from openvpn."); + send_config_error (con, "VPN Gateway"); + goto out; + } } if (! ipstr_to_uint32 (str_ip4_address, &uint_ip4_address) ) { @@ -381,11 +383,6 @@ } #endif - if (!vpn_gateway) { - nm_warning ("nm-openvpn-service-openvpn-helper didn't receive a VPN Gateway from openvpn."); - send_config_error (con, "VPN Gateway"); - exit (1); - } if (!tundev || !g_utf8_validate (tundev, -1, NULL)) { nm_warning ("nm-openvpn-service-openvpn-helper didn't receive a Tunnel Device from openvpn, or the tunnel device was not valid UTF-8."); send_config_error (con, "Tunnel Device");
_______________________________________________ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list