Thanks, as the machines need "unencrypted" network to re-negotiate keys, I can't really use the secondaries features, so instead I just ended up with a systemd timer unit set to do nmcli -w 0 c up id vpn as a oneshot.
On Thu, Jul 17, 2014 at 10:48 PM, Dan Williams <d...@redhat.com> wrote: > On Wed, 2014-07-16 at 10:24 +0200, D.S. Ljungmark wrote: >> Thanks, good to know. The one thing I did struggle with for a while was >> permissions on the keyfiles. Now as said, we have a connection defined. It >> connects as intended, if ordered manually. But it doesn't auto connect or >> reconnect. > > VPN autoconnect is not implemented at this time, unless you use the > "secondaries" functionality. VPN reconnect is also not implemented, but > we hope to make that work better soon. > > Dan > >> /D.S. >> On 16 Jul 2014 10:20, "Thomas Haller" <thal...@redhat.com> wrote: >> >> > On Tue, 2014-07-15 at 17:16 +0200, D.S. Ljungmark wrote: >> > > On 15/07/14 15:20, Thomas Haller wrote: >> > > > ... BUT... for VPN, the settings are opaque to NetworkManager and >> > passed >> > > > on to the VPN plugin. So, to know the meaning of the [vpn] settings, >> > you >> > > > have to look for their meaning in NetworkManager-openvpn... usually >> > > > these parameters correspond to command line options to openvpn. So see >> > > > `man openvpn`. >> > > >> > > Aye, we have openVpn setup & working. but not integrated with >> > > NetworkManager, what we're hoping is to have NM manage all interfaces >> > > and VPN's and just have stuff "work" without having to manage it via >> > > various cron jobs to automatically restart things just in case. >> > > ( seriously, running curl http://vpn.vpn.vpn || service vpn restart is >> > > -not- optimal. But was what we used to have ) >> > >> > >> > Sidenote: NetworkManager-openvpn plugin does not pass any keys blindly >> > to openvpn. It only allows those options, that it understands. The >> > reason is that if the plugin would allow options that it cannot >> > understand, it would not know what openvpn is doing. Thus, there might >> > be some options, that are not implemented in the plugin and do not work. >> > >> > But as you said you got NM connecting, that does not concern you. >> > >> > >> > Thomas >> > >> _______________________________________________ >> networkmanager-list mailing list >> networkmanager-list@gnome.org >> https://mail.gnome.org/mailman/listinfo/networkmanager-list > > -- 8362 CB14 98AD 11EF CEB6 FA81 FCC3 7674 449E 3CFC _______________________________________________ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
