Manual network selection
Hi, Firstly, my environment: Location: Australia Modem: ZTE 636 Distribution: Fedora NM packages: NetworkManager-0.7.2-2.git20091223.fc11.i586.rpm, NetworkManager- glib-0.7.2-2.git20091223.fc11.i586.rpm, NetworkManager- gnome-0.7.2-2.git20091223.fc11.i586.rpm The problem here is that the manual network selection doesn't work at it does under Windows. The basic problem is that there appears to be a "sub-network id". For example, when the modem is sent the command: AT+COPS=? the following response is received (reformatted for readability): +COPS: (2,"Telstra Mobile","Telstra","50501",2), (1,"Telstra Mobile","Telstra","50501",0), (1,"3Telstra","3Telstra","50506",2), (3,"YES OPTUS","Optus","50502",0), (3,"YES OPTUS","Optus","50502",2), (3,"vodafone AU","voda AU","50503",2), Under Windows, to select the first of these networks, it sends the following command to the modem: AT+COPS=1,2,"50501",2 and to select the second: AT+COPS=1,2,"50501",0 If the device is left to select a default Telstra network, or an unqualified "50501" network, it seems to select the "50501,0" network – which is a 2G network that is basically unusable. There are 30+ second delays in getting responses to DNS name resolutions with "traceroute" showing that the problem is in the first hop. To get anything usable, the "50501,2" network is required. This functionality is not present in NetworkManager. In the function "manual_registration" in the file "nm-gsm-device.c" there is the code: command = g_strdup_printf ("AT+COPS=1,2,\"%s\"", nm_setting_gsm_get_network_id (setting)); What I have done, and I agree it's an absolutely ugly hack, is to enter, in the "Network" field in the network connection editor dialog, the six-digit entry "505012" and use a modified version of "nm-gsm-device.c" with the following code: = start of code snippet = static void manual_registration (NMGsmDevice *device) { NMSettingGsm *setting; char *command; const char *responses[] = { "OK", "ERROR", "ERR", NULL }; char *network_id; char network_subid; setting = NM_SETTING_GSM (gsm_device_get_setting (device, NM_TYPE_SETTING_GSM)); network_id = g_strdup( nm_setting_gsm_get_network_id (setting)); if( strlen( network_id ) != 6 ) command = g_strdup_printf ("AT+COPS=1,2,\"%s\"", network_id ); else { network_subid = network_id[ 5 ]; network_id[ 5 ] = '\0'; command = g_strdup_printf ("AT+COPS=1,2,\"%s\",%c", network_id, network_subid ); } g_free( network_id ); modem_wait_for_reply (device, command, 15, responses, responses, manual_registration_response, NULL); g_free (command); } = end of code snippet = What I think is required is: 1) in the network connection editor for GSM devices, have a button which does the COPS=? command and present that list to the user; 2) the user can then select which network they want to connect to, with the "sub-id" being recorded in the configuration file; and 3) the "manual_registration" function be modified accordingly. I've tried to do this myself but my knowledge of the Gnome API and environment is sadly lacking. So, is there anyone out there willing to have a go at this. Of course, I'm willing to test any modifications. Cheers, Kevin ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Trouble configuring a VPN interface to access a Windows network
On Tue, 17 Mar 2009, Dan Williams opined: > I assume MPPE was in-use on the PPTP server? Unless there's some > mechanism to figure this stuff out during the negotiation process, these > sorts of things are just something the network admin has to tell the > users to set, or preload on the users machine :( Given that the connection can only be established when MPPE is specified, I suppose you are correct. I've had a look at the "Properties" dialog for the connection of my Windows machine, and under the "Security" tab, selecting the "Advanced (custom settings)" option, the following options have been set by the wizard: Data encryption Require encryption (disconnect if server declines) Logon security Allow these protocols Microsoft CHAP (MS-CHAP) Microsoft CHAP Version 2 (MS-CHAP v2) So I guess that it's all in the "Data encryption" option which defaults to "required". More evidence that encryption is not a negotiable option. If it was, the encryption level would be set at the server end and we would not have this option. > Thanks for the log, I haven't set up an MPPE system yet. If you have, > are there any gotchas I should look out for when I do? The remote MPPE system is not under my control, it belongs to a client, so I cannot help you there. And, given the level of sophistication of that client, I doubt that it was a conscience decision to configure encryption. It's probably one of those rare Microsoft decisions to have security enabled "out of the box". ;) Cheers, Kevin ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Trouble configuring a VPN interface to access a Windows network
On Sat, 14 Mar 2009, Dan Williams opined: > Ok, those should have the domain fixes. One thing to debug with would > be to enter the full domain+username in standard Windows format into the > "username" box, and clear the domain box. > > Dan No, that didn't work. Tried domain\user, domain\\user, domain/user. All failed. I then tried a few experiments and, after a bit of fiddling, checked the "Advanced / Use Point-To-Point encryption (MPPE)" and the connection was successfully established!!. So, in the end, this is a (l)user problem. :( For the record, the following is the system log (again slightly edited for security/privacy reasons). ~~~ NetworkManager: Starting VPN service 'org.freedesktop.NetworkManager.pptp'... NetworkManager: VPN service 'org.freedesktop.NetworkManager.pptp' started (org.freedesktop.NetworkManager.pptp), PID 24115 NetworkManager: VPN service 'org.freedesktop.NetworkManager.pptp' just appeared, activating connections NetworkManager: VPN plugin state changed: 1 NetworkManager: VPN plugin state changed: 3 NetworkManager: VPN connection '???' (Connect) reply received. pppd[24118]: Plugin /usr/lib/pppd/2.4.4/nm-pptp-pppd-plugin.so loaded. pppd[24118]: pppd 2.4.4 started by root, uid 0 pptp[24119]: nm-pptp-service-24115 log[main:pptp.c:314]: The synchronous pptp option is NOT activated pppd[24118]: Using interface ppp0 pppd[24118]: Connect: ppp0 <--> /dev/pts/1 pptp[24128]: nm-pptp-service-24115 log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request' pptp[24128]: nm-pptp-service-24115 log[ctrlp_disp:pptp_ctrl.c:739]: Received Start Control Connection Reply pptp[24128]: nm-pptp-service-24115 log[ctrlp_disp:pptp_ctrl.c:773]: Client connection established. pptp[24128]: nm-pptp-service-24115 log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request' pptp[24128]: nm-pptp-service-24115 log[ctrlp_disp:pptp_ctrl.c:858]: Received Outgoing Call Reply. pptp[24128]: nm-pptp-service-24115 log[ctrlp_disp:pptp_ctrl.c:897]: Outgoing call established (call ID 0, peer's call ID 24506). pptp[24128]: nm-pptp-service-24115 log[ctrlp_disp:pptp_ctrl.c:950]: PPTP_SET_LINK_INFO received from peer_callid 50185 pptp[24128]: nm-pptp-service-24115 log[ctrlp_disp:pptp_ctrl.c:953]: send_accm is , recv_accm is pptp[24128]: nm-pptp-service-24115 warn[ctrlp_disp:pptp_ctrl.c:956]: Non-zero Async Control Character Maps are notsupported! pppd[24118]: CHAP authentication succeeded pppd[24118]: MPPE 128-bit stateless compression enabled pppd[24118]: local IP address 172.25.194.17 pppd[24118]: remote IP address 172.25.194.10 pppd[24118]: primary DNS address 10.20.7.202 pppd[24118]: secondary DNS address 10.20.7.200 NetworkManager: VPN connection '???' (IP Config Get) reply received. NetworkManager: VPN Gateway: 0.0.0.0 NetworkManager: Tunnel Device: ppp0 NetworkManager: Internal IP4 Address: 172.25.194.17 NetworkManager: Internal IP4 Prefix: 32 NetworkManager: Internal IP4 Point-to-Point Address: 172.25.194.10 NetworkManager: Maximum Segment Size (MSS): 0 NetworkManager: Internal IP4 DNS: 10.20.7.202 NetworkManager: Internal IP4 DNS: 10.20.7.200 NetworkManager: DNS Domain: '(none)' NetworkManager: Login Banner: NetworkManager: - NetworkManager: (null) NetworkManager: - NetworkManager: VPN connection '???' (IP Config Get) complete. NetworkManager: Policy set '???' (ppp0) as default for routing and DNS. NetworkManager: VPN plugin state changed: 4 ~~~ The difference starts at the line pppd[24118]: MPPE 128-bit stateless compression enabled in the failed run it was: LCP terminated by peer (^BM-?-M-K^@http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Trouble configuring a VPN interface to access a Windows network
On Fri, 13 Mar 2009, Dan Williams opined: > On Thu, 2009-03-12 at 10:14 +1100, Kevin Gilbert wrote: > > I am having trouble configuring a VPN interface to access a Windows > > network. [snip] > Which version of the PPTP plugin? There were some issues with domains > that were fixed after 0.7 but before 0.7.1. > > dan $ egrep 'NetworkManager|pptp' /var/log/rpmpkgs NetworkManager-0.7.0.99-3.fc10.i386.rpm NetworkManager-glib-0.7.0.99-3.fc10.i386.rpm NetworkManager-gnome-0.7.0.99-3.fc10.i386.rpm NetworkManager-openconnect-0.7.0.99-1.fc10.i386.rpm NetworkManager-openvpn-0.7.0.99-1.fc10.i386.rpm NetworkManager-pptp-0.7.0.99-1.fc10.i386.rpm NetworkManager-vpnc-0.7.0.99-1.fc10.i386.rpm pptp-1.7.2-3.fc10.i386.rpm Hope that helps. Cheers, Kevin ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Trouble configuring a VPN interface to access a Windows network
I am having trouble configuring a VPN interface to access a Windows network. Within the Windows "Network Connections" window this connection is listed as: Name: Type: Virtual Private Network Device Name: WAN Miniport (PPTP) It was created via the "New Connection Wizard" as follows: Network Connection Type: Connect to the network at my workplace Network Connection: Virtual Private Network connection Connection Name: Public Network: Do not dial the initial connection VPN Server Selection: Connection Availability: Anyone's use I have tried to configure the connection via the nm-applet as follows: Choose a VPN Connection Type: Point-To-Point Tunneling Protocol (PPTP) Gateway: User name: Password: NT Domain: (Advanced Button - basically used the defaults) Authentication Allow the following authentication methods: (all checked) Security and Compression Use Point-To-Point encryption (MPPE): unchecked Allow BSD compression: checked Allow Deflate compression: checked Use TCP header compression: checked Echo Send PPP echo packets: unchecked NOTE: The user name, password are those that are entered in Windows when the I connect to the VPN and the Domain is the Windows domain that I am logging into. Note that the user name and password used for the actual Windows login is different to the ones used above. When trying to activate the connection, the following is produced in the system log file. (Note that this has been slightly edited for security reasons.) NetworkManager: Starting VPN service 'org.freedesktop.NetworkManager.pptp'... NetworkManager: VPN service 'org.freedesktop.NetworkManager.pptp' started (org.freedesktop.NetworkManager.pptp), PID 25013 NetworkManager: VPN service 'org.freedesktop.NetworkManager.pptp' just appeared, activating connections NetworkManager: VPN plugin state changed: 3 NetworkManager: VPN connection 'VPN connection 1' (Connect) reply received. pppd[25016]: Plugin /usr/lib/pppd/2.4.4/nm-pptp-pppd-plugin.so loaded. pppd[25016]: pppd 2.4.4 started by root, uid 0 pppd[25016]: Using interface ppp0 pppd[25016]: Connect: ppp0 <--> /dev/pts/2 pptp[25017]: nm-pptp-service-25013 log[main:pptp.c:314]: The synchronous pptp option is NOT activated pptp[25026]: nm-pptp-service-25013 log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request' pptp[25026]: nm-pptp-service-25013 log[ctrlp_disp:pptp_ctrl.c:739]: Received Start Control Connection Reply pptp[25026]: nm-pptp-service-25013 log[ctrlp_disp:pptp_ctrl.c:773]: Client connection established. pptp[25026]: nm-pptp-service-25013 log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request' pptp[25026]: nm-pptp-service-25013 log[ctrlp_disp:pptp_ctrl.c:858]: Received Outgoing Call Reply. pptp[25026]: nm-pptp-service-25013 log[ctrlp_disp:pptp_ctrl.c:897]: Outgoing call established (call ID 0, peer's call ID 61490). pptp[25026]: nm-pptp-service-25013 log[ctrlp_disp:pptp_ctrl.c:950]: PPTP_SET_LINK_INFO received from peer_callid 50110 pptp[25026]: nm-pptp-service-25013 log[ctrlp_disp:pptp_ctrl.c:953]: send_accm is , recv_accm is pptp[25026]: nm-pptp-service-25013 warn[ctrlp_disp:pptp_ctrl.c:956]: Non-zero Async Control Character Maps are notsupported! pppd[25016]: CHAP authentication succeeded pppd[25016]: LCP terminated by peer (^BM-?-M-K^@ VPN plugin failed: 1 pppd[25016]: Connection terminated. pptp[25017]: nm-pptp-service-25013 warn[decaps_hdlc:pptp_gre.c:204]: short read (-1): Input/output error pptp[25017]: nm-pptp-service-25013 warn[decaps_hdlc:pptp_gre.c:216]: pppd may have shutdown, see pppd log pptp[25026]: nm-pptp-service-25013 log[callmgr_main:pptp_callmgr.c:234]: Closing connection (unhandled) pptp[25026]: nm-pptp-service-25013 log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 12 'Call-Clear-Request' NetworkManager: VPN plugin failed: 1 pptp[25026]: nm-pptp-service-25013 log[call_callback:pptp_callmgr.c:79]: Closing connection (call state) pppd[25016]: Modem hangup pppd[25016]: Exit. NetworkManager: VPN plugin failed: 1 NetworkManager: VPN plugin state changed: 6 NetworkManager: VPN plugin state change reason: 0 NetworkManager: connection_state_changed(): Could not process the request because no VPN connection was active. NetworkManager: Policy set 'Auto xxx' (wlan0) as default for routing and DNS. I have been able to get other VPN connections to work - its just this one. Thx in advance for any help, Kevin ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list