Re: Mobile Broadband - disconnect after 2 mins.
Thanks for the reply, Dan. I didn't see these replies until after I submitted comments on the bug report. In those comments I gave you the appropriate syslog entries showing that pppd logged four unsuccessful LCP echo requests and terminates the connection after 2.5 minutes. B! Your work towards overriding pppd's default options looks like it should do the trick. Thanks! -- Gilbert Mendoza PGP: 0x075DBCA9 Email: gmendoza at gmail.com http://www.savvyadmin.com https://launchpad.net/~gmendoza https://wiki.ubuntu.com/GilbertMendoza On Thu, Oct 23, 2008 at 10:48 AM, Dan Williams [EMAIL PROTECTED] wrote: So the pppd defaults appear to be to ignore LCP echos. If the box in the connection editor is unchecked, NM will _not_ send lcp-echo-interval or lcp-echo-failure to pppd. However, if those options were specified in /etc/ppp/options at all, it appears that pppd will read that file no matter what, and thus you'll get lcp echos turned on even if NM didn't tell pppd to turn them on. I will modify NetworkManager to always pass lcp-echo-interval and lcp-echo-failure as 0 whenever the box is unchecked in the connection editor, to ensure that /etc/ppp/options gets overridden, and that people don't get whiplash from stupid pppd config hierarchy... 2. Nothing overrides the default PPP (LCP) echo options, so even though the UI says off, if the default is on, echos are still sent. And this is of course the real issue. Thanks pppd! Dan ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Mobile Broadband - disconnect after 2 mins.
On Thu, Oct 23, 2008 at 11:04 AM, Dan Williams [EMAIL PROTECTED] wrote: lcp-echo-* are always written in svn r4209, including when they are 0. Dan You rock... thanks, Dan. -- Gilbert Mendoza PGP: 0x075DBCA9 Email: gmendoza at gmail.com http://www.savvyadmin.com https://launchpad.net/~gmendoza https://wiki.ubuntu.com/GilbertMendoza ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Mobile Broadband - disconnect after 2 mins.
I just submitted this bug, which was noted as resolved... but I can confirm that the problem still exists. http://bugzilla.gnome.org/show_bug.cgi?id=556781 I had been testing NM from PPA for Ubuntu Hardy... and now I'm testing NM 0.7.0 included in Ubuntu Intrepid, and I still see the same behavior. The CDMA connection does not have the Send ppp echo packets checked... which was explained to me as LCP echo. In the bug report, I also noted a work around, which is to disable LCP echo requests and interval setting in the global PPP options file: /etc/ppp/options: lcp-echo-interval 0 lcp-echo-failure 0 This resolves the issue for me. Perhaps you can also comment on the bug report. -- Gilbert Mendoza PGP: 0x075DBCA9 Email: gmendoza at gmail.com http://www.savvyadmin.com https://launchpad.net/~gmendoza https://wiki.ubuntu.com/GilbertMendoza On Wed, Oct 22, 2008 at 10:18 AM, Rick Jones [EMAIL PROTECTED] wrote: Having hacked a binary patch into NM (just for the init string) so my Palm modem will connect, I now find that it systematically disconnects after exactly 2 minutes. In the log, the modem state suddenly goes from 8 - 7, and then everything unwinds. It makes no difference whether the connection is idle or busy, after 2 mins. it's gone I know this modem has a problem with LCP echo - when testing it with pppd I had to explicitly turn LCP echo off otherwise it complained that it received its own echo requests. However, with echo off it will stay connected indefinitely using pppd. What does NM do with LCP echo? I notice there is an option in the config dialog for PPP echo (is that the same thing?), but that it won't stick so I guess it's unimplemented. Any ideas on the timeout disconnect? Rick ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Wired 802.1x Machine/User Authentication
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dan, First of all, thanks for taking the time to read and respond to my question. It was a tad long, but I wanted to convey my intentions completely. On Sun, Jul 27, 2008 at 11:58 AM, Dan Williams wrote: This isn't currently possible with the NM 0.6.x branch, but 0.7 should have the required infrastructure (system and user connections). The logic to do this would likely be in the user applet, since the user applet is launched on login. Basically, the machine would have a system-level connection that would start when NM starts as a daemon at system startup time, and then at login time there would be a user connection stored in the users session (GConf for gnome, kconfig I think for KDE) which could be activated after login when the applet starts that contains the required user-specific credentials. I figured as much, but you've given me a glimmer of hope with 0.7. You've also interpreted my goal perfectly. The missing bit is to have the applet somehow figure out that the existing system connection is not good enough, and to try to activate a specific user connection even though the system already has an active connection. But that's not too hard. You could come up with a proof-of-concept patch fairly easily, I think. The applet, on startup, would decide that some connection from it's local store was more important that the current system connection, and just tell NM to activate that one instead. Full automation of the transition process between machine and user authentication would definitely complete the solution. If the framework is already there for allowing such separation of profiles, I believe it would just be a matter of defining network profile preference, or an order of precedence. Just as one typically thinks of when roaming between different wireless SSID's, you would be able to specify which network is preferred over another if they're both available. The same could be done with the wired profiles, or simply have all network types tied together. I can see this being useful when you have a wired connection plugged in, but want NM to prefer and default to your wireless profile. As for submitting a patch, unfortunately I have only a limited programming skill set... but wanted to throw the idea out there for someone with faster capabilities to do so than I. I really need and want to address this. :-) - -- Gilbert Mendoza PGP: 0x075DBCA9 Email: gmendoza at gmail.com http://www.savvyadmin.com https://launchpad.net/~gmendoza https://wiki.ubuntu.com/GilbertMendoza -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIjNRFBZd5UQddvKkRAkWqAJ4mBpaj46HiEVVwM64FoQRUVpCgqQCghaLu +1WUU2C9qis7W+CoEpCFdJ4= =nXX6 -END PGP SIGNATURE- ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Wired 802.1x Machine/User Authentication
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Greets... Some background info first: I'm working on a wired 802.1x project in which I automatically assign per-user VLAN's and ACL's based on RADIUS user group profiles. Machines and Users are all authenticated as individual security principles. MS Windows 802.1x settings allow for a workstation to login automatically with it's own domain credentials prior to any user logging on. However, once the user logs in, this initiates a reauthentication event with the interactive users NT credentials. Based on the authentication result, I can assign to the switch port additional ACL's, change the VLAN dynamically, or simply keep things the same but I have detailed logs of who/what is logging in where. I am looking to do the same thing with NetworkManager. I would like to configure the workstation to automatically authenticate with one particular authentication method prior to a user logging in (e.g. EAP-TTLS, EAP-PEAP, etc), but I want a user to be able to use their personalized NetworkManager 802.1x profile to reauthenticate after desktop access. Question: - From my previous experience with xsupplicant/wpa_supplicant and NM, I can configure /etc/network/interfaces with static 802.1x settings to accomplish machine authentication. However, this would disable a users ability to reauthenticate using NM, as NM would detect a manual configuration in place and not allow any per user settings. Does this still hold true, or is there a way to work around this limitation? I have currently only been using NM 0.6.6 which is included with Ubuntu 8.04 Hardy. Not sure if later releases have made this possible. Many thanks in advance for your input. - -- Gilbert Mendoza PGP: 0x075DBCA9 Email: gmendoza at gmail.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIiDIHBZd5UQddvKkRAv7iAKCHB1edT/WjLqRnBwXhEEyMJ8is/wCgptVr 416BuOGqD3ArdG2PeEhvFKc= =3CD5 -END PGP SIGNATURE- ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list