Re: OpenVPN config problem
Andrey Borzenkov napsal(a): On Friday 19 of February 2010 11:09:37 Karel Kozlik wrote: Hi, Dan Williams napsal(a): On Thu, 2010-02-18 at 11:24 +0100, Karel Kozlik wrote: Hi Dan, Dan Williams napsal(a): On Wed, 2010-02-17 at 10:36 +0100, Karel Kozlik wrote: Hi, could someone help me vith openVPN configuration in Network Manager? Actualy when I click to VPN connection in NM, it does nothing. /var/log/syslog contain following lines: I see the message "VPN connection 'my-vpn' failed to connect: 'No VPN secrets!'", but I believe the secrets are configured correctly. Is your private key by any chance *un*encrypted? The VPN service plugin currently requires encrypted private keys (which are more secure anyway) and it could fail like this in that case. Do you mean password protected key? My key was not. I tried create password protected key and changed the connectio type to "x509 with password" and filled the password into setttings. It still not worked. But when I changed the key to my old one (unecrypted) and left the connection type to "x509 with password" it connected. There are a few different passwords here. There's the "private key password", which is used to unlock your private key for TLS connections, and then there's also the "user password", which is used for password-based authentication that openvpn supports. Somewhat confusingly, you can stack these methods in openvpn, which is what the "TLS with password" thing is. But that's not what you want. Your connection appears to be TLS only, so you only need to choose "x509" there like you were before. I'm assuming that knetworkmanager is smart enough to ask you for your private key password when nm-openvpn-service needs it. So try flipping back to just "x509" and see where that gets you. I just tryied and it ends with error: Feb 19 09:01:36 kk-nb NetworkManager: nm_vpn_connection_connect_cb(): VPN connection 'kufr' failed to connect: 'No VPN secrets!'. It does not matter if I use my unecrypted key or password protected key. Knetworkmanager even do not ask me for the private key password. Could it be a bug in knetworkmanager? I am currently working on a similar problem using kvpnc plugin. Could you please provide - your ~/.kde4/share/config/networkmanagementrc - ~/.kde4/share/apps/networkmanagement/connections/{UUID} files attached - start knetworkmanager in terminal (do kquitapp knetworkmanager to terminate running version), try to connect and provide output only these rows imediately after start knetworkmanager: QLayout: Attempting to add QLayout "" to InterfaceConnectionItem "", which already has a layout QLayout: Attempting to add QLayout "" to InterfaceConnectionItem "", which already has a layout QLayout: Attempting to add QLayout "" to InterfaceConnectionItem "", which already has a layout QLayout: Attempting to add QLayout "" to InterfaceConnectionItem "", which already has a layout QLayout: Attempting to add QLayout "" to InterfaceConnectionItem "", which already has a layout and these when I try to connect: QDBusObjectPath: invalid path "any" QDBusObjectPath: invalid path "any" It does not seem to be useful. of course obfuscate any sensitive data. Also, are you using kwallet or plain text to store secrets? I do not use any secrets except the key which is in plain text in separate file. thanks, Karel thank you! -andrey thanks, Karel Dan But I am not sure if the connection procedure finished. The openvpn daemon is running, tap interface exists, I can ping remote server interface (via vpn) and default route is set to VPN tap interface. But status of the connection in knetworkmanager did not changed. So I cannot disconnect from it. I also cannot ping any another host except those on my LAN segment and the remote VPN server. The packets should be routed throught VPN connection to another nodes, but they are not. However it works if I connect purely with openvpn (not useing NM). Any idea what could be worng? Including my syslog. thanks, Karel Feb 18 11:19:21 kk-nb NetworkManager: Starting VPN service 'org.freedesktop.NetworkManager.openvpn'... Feb 18 11:19:21 kk-nb NetworkManager: VPN service 'org.freedesktop.NetworkManager.openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 24258 Feb 18 11:19:21 kk-nb NetworkManager: VPN service 'org.freedesktop.NetworkManager.openvpn' just appeared, activating connections Feb 18 11:19:21 kk-nb NetworkManager: VPN plugin state changed: 1 Feb 18 11:19:21 kk-nb nm-openvpn[24261]: OpenVPN 2.1_rc19 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Oct 13 2009 Feb 18 11:19:21 kk-nb NetworkManager: VPN plugin state changed: 3 Feb 18 11:19:21 kk-nb NetworkManager: VPN connection 'kufr' (Connect) reply received. Feb 18 11:19:21 kk-nb nm-openvpn[24261]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Feb 18 11:19:21 kk-nb nm-openvpn[242
Re: OpenVPN config problem
On Friday 19 of February 2010 11:09:37 Karel Kozlik wrote: > Hi, > > Dan Williams napsal(a): > > On Thu, 2010-02-18 at 11:24 +0100, Karel Kozlik wrote: > >> Hi Dan, > >> > >> Dan Williams napsal(a): > >>> On Wed, 2010-02-17 at 10:36 +0100, Karel Kozlik wrote: > Hi, > could someone help me vith openVPN configuration in Network > Manager? Actualy when I click to VPN connection in NM, it does > nothing. /var/log/syslog contain following lines: > > I see the message "VPN connection 'my-vpn' failed to connect: > 'No VPN secrets!'", but I believe the secrets are configured > correctly. > >>> > >>> Is your private key by any chance *un*encrypted? The VPN service > >>> plugin currently requires encrypted private keys (which are more > >>> secure anyway) and it could fail like this in that case. > >> > >> Do you mean password protected key? My key was not. > >> > >> I tried create password protected key and changed the connectio > >> type to "x509 with password" and filled the password into > >> setttings. It still not worked. But when I changed the key to my > >> old one (unecrypted) and left the connection type to "x509 with > >> password" it connected. > > > > There are a few different passwords here. There's the "private key > > password", which is used to unlock your private key for TLS > > connections, and then there's also the "user password", which is > > used for password-based authentication that openvpn supports. > > Somewhat confusingly, you can stack these methods in openvpn, > > which is what the "TLS with password" thing is. > > > > But that's not what you want. Your connection appears to be TLS > > only, so you only need to choose "x509" there like you were > > before. I'm assuming that knetworkmanager is smart enough to ask > > you for your private key password when nm-openvpn-service needs > > it. So try flipping back to just "x509" and see where that gets > > you. > > I just tryied and it ends with error: > > Feb 19 09:01:36 kk-nb NetworkManager: > nm_vpn_connection_connect_cb(): VPN connection 'kufr' failed to > connect: 'No VPN secrets!'. > > It does not matter if I use my unecrypted key or password protected > key. Knetworkmanager even do not ask me for the private key > password. > > Could it be a bug in knetworkmanager? > I am currently working on a similar problem using kvpnc plugin. Could you please provide - your ~/.kde4/share/config/networkmanagementrc - ~/.kde4/share/apps/networkmanagement/connections/{UUID} - start knetworkmanager in terminal (do kquitapp knetworkmanager to terminate running version), try to connect and provide output of course obfuscate any sensitive data. Also, are you using kwallet or plain text to store secrets? thank you! -andrey > thanks, > Karel > > > Dan > > > >> But I am not sure if the connection procedure finished. The > >> openvpn > >> > >> daemon is running, tap interface exists, I can ping remote server > >> interface (via vpn) and default route is set to VPN tap interface. > >> But status of the connection in knetworkmanager did not changed. > >> So I cannot disconnect from it. I also cannot ping any another > >> host except those on my LAN segment and the remote VPN server. > >> The packets should be routed throught VPN connection to another > >> nodes, but they are not. However it works if I connect purely > >> with openvpn (not useing NM). > >> > >> Any idea what could be worng? Including my syslog. > >> > >> thanks, > >> Karel > >> > >> > >> > >> Feb 18 11:19:21 kk-nb NetworkManager: Starting VPN service > >> 'org.freedesktop.NetworkManager.openvpn'... > >> Feb 18 11:19:21 kk-nb NetworkManager: VPN service > >> 'org.freedesktop.NetworkManager.openvpn' started > >> (org.freedesktop.NetworkManager.openvpn), PID 24258 > >> > >> > >> Feb 18 11:19:21 kk-nb NetworkManager: VPN service > >> 'org.freedesktop.NetworkManager.openvpn' just appeared, activating > >> connections > >> Feb 18 11:19:21 kk-nb NetworkManager: VPN plugin state > >> changed: 1 > >> Feb 18 11:19:21 kk-nb nm-openvpn[24261]: OpenVPN 2.1_rc19 > >> x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Oct 13 > >> 2009 > >> > >> Feb 18 11:19:21 kk-nb NetworkManager: VPN plugin state > >> changed: 3 > >> Feb 18 11:19:21 kk-nb NetworkManager: VPN connection > >> 'kufr' (Connect) reply received. > >> Feb 18 11:19:21 kk-nb nm-openvpn[24261]: WARNING: No server > >> certificate verification method has been enabled. See > >> http://openvpn.net/howto.html#mitm for more info. > >> > >> > >> Feb 18 11:19:21 kk-nb nm-openvpn[24261]: NOTE: the current > >> --script-security setting may allow this configuration to call > >> user-defined scripts > >> > >> > >> Feb 18 11:19:21 kk-nb nm-openvpn[24261]: WARNING: file > >> '/home/kk/.openvpn/kk-nb.key' is group or others accessible > >> > >> Feb 18 11:19:21 kk-nb nm-openvpn[24261]: /usr/bin/openssl-vulnkey > >> -q -b 1024 -m > >> Feb 18 11:19:22 kk-nb
Re: OpenVPN config problem
Hi, Dan Williams napsal(a): On Thu, 2010-02-18 at 11:24 +0100, Karel Kozlik wrote: Hi Dan, Dan Williams napsal(a): On Wed, 2010-02-17 at 10:36 +0100, Karel Kozlik wrote: Hi, could someone help me vith openVPN configuration in Network Manager? Actualy when I click to VPN connection in NM, it does nothing. /var/log/syslog contain following lines: I see the message "VPN connection 'my-vpn' failed to connect: 'No VPN secrets!'", but I believe the secrets are configured correctly. Is your private key by any chance *un*encrypted? The VPN service plugin currently requires encrypted private keys (which are more secure anyway) and it could fail like this in that case. Do you mean password protected key? My key was not. I tried create password protected key and changed the connectio type to "x509 with password" and filled the password into setttings. It still not worked. But when I changed the key to my old one (unecrypted) and left the connection type to "x509 with password" it connected. There are a few different passwords here. There's the "private key password", which is used to unlock your private key for TLS connections, and then there's also the "user password", which is used for password-based authentication that openvpn supports. Somewhat confusingly, you can stack these methods in openvpn, which is what the "TLS with password" thing is. But that's not what you want. Your connection appears to be TLS only, so you only need to choose "x509" there like you were before. I'm assuming that knetworkmanager is smart enough to ask you for your private key password when nm-openvpn-service needs it. So try flipping back to just "x509" and see where that gets you. I just tryied and it ends with error: Feb 19 09:01:36 kk-nb NetworkManager: nm_vpn_connection_connect_cb(): VPN connection 'kufr' failed to connect: 'No VPN secrets!'. It does not matter if I use my unecrypted key or password protected key. Knetworkmanager even do not ask me for the private key password. Could it be a bug in knetworkmanager? thanks, Karel Dan But I am not sure if the connection procedure finished. The openvpn daemon is running, tap interface exists, I can ping remote server interface (via vpn) and default route is set to VPN tap interface. But status of the connection in knetworkmanager did not changed. So I cannot disconnect from it. I also cannot ping any another host except those on my LAN segment and the remote VPN server. The packets should be routed throught VPN connection to another nodes, but they are not. However it works if I connect purely with openvpn (not useing NM). Any idea what could be worng? Including my syslog. thanks, Karel Feb 18 11:19:21 kk-nb NetworkManager: Starting VPN service 'org.freedesktop.NetworkManager.openvpn'... Feb 18 11:19:21 kk-nb NetworkManager: VPN service 'org.freedesktop.NetworkManager.openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 24258 Feb 18 11:19:21 kk-nb NetworkManager: VPN service 'org.freedesktop.NetworkManager.openvpn' just appeared, activating connections Feb 18 11:19:21 kk-nb NetworkManager: VPN plugin state changed: 1 Feb 18 11:19:21 kk-nb nm-openvpn[24261]: OpenVPN 2.1_rc19 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Oct 13 2009 Feb 18 11:19:21 kk-nb NetworkManager: VPN plugin state changed: 3 Feb 18 11:19:21 kk-nb NetworkManager: VPN connection 'kufr' (Connect) reply received. Feb 18 11:19:21 kk-nb nm-openvpn[24261]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Feb 18 11:19:21 kk-nb nm-openvpn[24261]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Feb 18 11:19:21 kk-nb nm-openvpn[24261]: WARNING: file '/home/kk/.openvpn/kk-nb.key' is group or others accessible Feb 18 11:19:21 kk-nb nm-openvpn[24261]: /usr/bin/openssl-vulnkey -q -b 1024 -m Feb 18 11:19:22 kk-nb nm-openvpn[24261]: UDPv4 link local: [undef] Feb 18 11:19:22 kk-nb nm-openvpn[24261]: UDPv4 link remote: 194.228.84.159:28960 Feb 18 11:19:22 kk-nb nm-openvpn[24261]: [ns.kufr.cz] Peer Connection Initiated with 194.228.84.159:28960 Feb 18 11:19:23 kk-nb NetworkManager:SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/tap0, iface: tap0) Feb 18 11:19:23 kk-nb NetworkManager:SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/tap0, iface: tap0): no ifupdown configuration found. Feb 18 11:19:23 kk-nb NetworkManager: device_creator(): /sys/devices/virtual/net/tap0: couldn't determine device driver; ignoring... Feb 18 11:19:23 kk-nb nm-openvpn[24261]: TUN/TAP device tap0 opened Feb 18 11:19:23 kk-nb nm-openvpn[24261]: /sbin/ifconfig tap0 44.177.215.7 netmask 255.255.255.240 mtu 1500 broadcast 44.177.215.15 Feb 18 11:19:23 kk-nb nm-openvpn[24261]: /usr/lib/network-manager-openvpn/nm-openvpn-service-openvpn-helper tap0 1500 1
Re: OpenVPN config problem
On Thu, 2010-02-18 at 11:24 +0100, Karel Kozlik wrote: > Hi Dan, > > Dan Williams napsal(a): > > On Wed, 2010-02-17 at 10:36 +0100, Karel Kozlik wrote: > >> Hi, > >> could someone help me vith openVPN configuration in Network Manager? > >> Actualy when I click to VPN connection in NM, it does nothing. > >> /var/log/syslog contain following lines: > >> > >> I see the message "VPN connection 'my-vpn' failed to connect: 'No VPN > >> secrets!'", but I believe the secrets are configured correctly. > > > > Is your private key by any chance *un*encrypted? The VPN service plugin > > currently requires encrypted private keys (which are more secure anyway) > > and it could fail like this in that case. > > > > Do you mean password protected key? My key was not. > > I tried create password protected key and changed the connectio type to > "x509 with password" and filled the password into setttings. It still > not worked. But when I changed the key to my old one (unecrypted) and > left the connection type to "x509 with password" it connected. There are a few different passwords here. There's the "private key password", which is used to unlock your private key for TLS connections, and then there's also the "user password", which is used for password-based authentication that openvpn supports. Somewhat confusingly, you can stack these methods in openvpn, which is what the "TLS with password" thing is. But that's not what you want. Your connection appears to be TLS only, so you only need to choose "x509" there like you were before. I'm assuming that knetworkmanager is smart enough to ask you for your private key password when nm-openvpn-service needs it. So try flipping back to just "x509" and see where that gets you. Dan > But I am not sure if the connection procedure finished. The openvpn > daemon is running, tap interface exists, I can ping remote server > interface (via vpn) and default route is set to VPN tap interface. But > status of the connection in knetworkmanager did not changed. So I cannot > disconnect from it. I also cannot ping any another host except those on > my LAN segment and the remote VPN server. The packets should be routed > throught VPN connection to another nodes, but they are not. However it > works if I connect purely with openvpn (not useing NM). > > Any idea what could be worng? Including my syslog. > > thanks, > Karel > > > > Feb 18 11:19:21 kk-nb NetworkManager: Starting VPN service > 'org.freedesktop.NetworkManager.openvpn'... > Feb 18 11:19:21 kk-nb NetworkManager: VPN service > 'org.freedesktop.NetworkManager.openvpn' started > (org.freedesktop.NetworkManager.openvpn), PID 24258 > > > Feb 18 11:19:21 kk-nb NetworkManager: VPN service > 'org.freedesktop.NetworkManager.openvpn' just appeared, activating > connections > Feb 18 11:19:21 kk-nb NetworkManager: VPN plugin state changed: > 1 > Feb 18 11:19:21 kk-nb nm-openvpn[24261]: OpenVPN 2.1_rc19 > x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Oct 13 2009 > > Feb 18 11:19:21 kk-nb NetworkManager: VPN plugin state changed: > 3 > Feb 18 11:19:21 kk-nb NetworkManager: VPN connection 'kufr' > (Connect) reply received. > Feb 18 11:19:21 kk-nb nm-openvpn[24261]: WARNING: No server certificate > verification method has been enabled. See > http://openvpn.net/howto.html#mitm for more info. > > > Feb 18 11:19:21 kk-nb nm-openvpn[24261]: NOTE: the current > --script-security setting may allow this configuration to call > user-defined scripts > > > Feb 18 11:19:21 kk-nb nm-openvpn[24261]: WARNING: file > '/home/kk/.openvpn/kk-nb.key' is group or others accessible > > Feb 18 11:19:21 kk-nb nm-openvpn[24261]: /usr/bin/openssl-vulnkey -q -b > 1024 -m > Feb 18 11:19:22 kk-nb nm-openvpn[24261]: UDPv4 link local: [undef] > > Feb 18 11:19:22 kk-nb nm-openvpn[24261]: UDPv4 link remote: > 194.228.84.159:28960 > > Feb 18 11:19:22 kk-nb nm-openvpn[24261]: [ns.kufr.cz] Peer Connection > Initiated with 194.228.84.159:28960 > Feb 18 11:19:23 kk-nb NetworkManager:SCPlugin-Ifupdown: devices > added (path: /sys/devices/virtual/net/tap0, iface: tap0) > Feb 18 11:19:23 kk-nb NetworkManager:SCPlugin-Ifupdown: device added > (path: /sys/devices/virtual/net/tap0, iface: tap0): no ifupdown > configuration found. > > Feb 18 11:19:23 kk-nb NetworkManager: device_creator(): > /sys/devices/virtual/net/tap0: couldn't determine device driver; ignoring... > Feb 18 11:19:23 kk-nb nm-openvpn[24261]: TUN/TAP device tap0 opened > Feb 18 11:19:23 kk-nb nm-openvpn[24261]: /sbin/ifconfig tap0 > 44.177.215.7 netmask 255.255.255.240 mtu 1500 broadcast 44.177.215.15 > Feb 18 11:19:23 kk-nb nm-openvpn[24261]: > /usr/lib/network-manager-openvpn/nm-openvpn-service-openvpn-helper tap0 > 1500 1573 44.177.215.7 255.255.255.240 init > Feb 18 11:19:23 kk-nb avahi-daemon[1002]: Joining mDNS multicast group > on interface tap0.IPv4 with address 44.177.215.7. > Feb 18 11:19:23 kk-nb ava
Re: OpenVPN config problem
Hi Dan, Dan Williams napsal(a): On Wed, 2010-02-17 at 10:36 +0100, Karel Kozlik wrote: Hi, could someone help me vith openVPN configuration in Network Manager? Actualy when I click to VPN connection in NM, it does nothing. /var/log/syslog contain following lines: I see the message "VPN connection 'my-vpn' failed to connect: 'No VPN secrets!'", but I believe the secrets are configured correctly. Is your private key by any chance *un*encrypted? The VPN service plugin currently requires encrypted private keys (which are more secure anyway) and it could fail like this in that case. Do you mean password protected key? My key was not. I tried create password protected key and changed the connectio type to "x509 with password" and filled the password into setttings. It still not worked. But when I changed the key to my old one (unecrypted) and left the connection type to "x509 with password" it connected. But I am not sure if the connection procedure finished. The openvpn daemon is running, tap interface exists, I can ping remote server interface (via vpn) and default route is set to VPN tap interface. But status of the connection in knetworkmanager did not changed. So I cannot disconnect from it. I also cannot ping any another host except those on my LAN segment and the remote VPN server. The packets should be routed throught VPN connection to another nodes, but they are not. However it works if I connect purely with openvpn (not useing NM). Any idea what could be worng? Including my syslog. thanks, Karel Feb 18 11:19:21 kk-nb NetworkManager: Starting VPN service 'org.freedesktop.NetworkManager.openvpn'... Feb 18 11:19:21 kk-nb NetworkManager: VPN service 'org.freedesktop.NetworkManager.openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 24258 Feb 18 11:19:21 kk-nb NetworkManager: VPN service 'org.freedesktop.NetworkManager.openvpn' just appeared, activating connections Feb 18 11:19:21 kk-nb NetworkManager: VPN plugin state changed: 1 Feb 18 11:19:21 kk-nb nm-openvpn[24261]: OpenVPN 2.1_rc19 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Oct 13 2009 Feb 18 11:19:21 kk-nb NetworkManager: VPN plugin state changed: 3 Feb 18 11:19:21 kk-nb NetworkManager: VPN connection 'kufr' (Connect) reply received. Feb 18 11:19:21 kk-nb nm-openvpn[24261]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Feb 18 11:19:21 kk-nb nm-openvpn[24261]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Feb 18 11:19:21 kk-nb nm-openvpn[24261]: WARNING: file '/home/kk/.openvpn/kk-nb.key' is group or others accessible Feb 18 11:19:21 kk-nb nm-openvpn[24261]: /usr/bin/openssl-vulnkey -q -b 1024 -m Feb 18 11:19:22 kk-nb nm-openvpn[24261]: UDPv4 link local: [undef] Feb 18 11:19:22 kk-nb nm-openvpn[24261]: UDPv4 link remote: 194.228.84.159:28960 Feb 18 11:19:22 kk-nb nm-openvpn[24261]: [ns.kufr.cz] Peer Connection Initiated with 194.228.84.159:28960 Feb 18 11:19:23 kk-nb NetworkManager:SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/tap0, iface: tap0) Feb 18 11:19:23 kk-nb NetworkManager:SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/tap0, iface: tap0): no ifupdown configuration found. Feb 18 11:19:23 kk-nb NetworkManager: device_creator(): /sys/devices/virtual/net/tap0: couldn't determine device driver; ignoring... Feb 18 11:19:23 kk-nb nm-openvpn[24261]: TUN/TAP device tap0 opened Feb 18 11:19:23 kk-nb nm-openvpn[24261]: /sbin/ifconfig tap0 44.177.215.7 netmask 255.255.255.240 mtu 1500 broadcast 44.177.215.15 Feb 18 11:19:23 kk-nb nm-openvpn[24261]: /usr/lib/network-manager-openvpn/nm-openvpn-service-openvpn-helper tap0 1500 1573 44.177.215.7 255.255.255.240 init Feb 18 11:19:23 kk-nb avahi-daemon[1002]: Joining mDNS multicast group on interface tap0.IPv4 with address 44.177.215.7. Feb 18 11:19:23 kk-nb avahi-daemon[1002]: New relevant interface tap0.IPv4 for mDNS. Feb 18 11:19:23 kk-nb avahi-daemon[1002]: Registering new address record for 44.177.215.7 on tap0.IPv4. Feb 18 11:19:23 kk-nb avahi-daemon[1002]: Withdrawing address record for 44.177.215.7 on tap0. Feb 18 11:19:23 kk-nb avahi-daemon[1002]: Leaving mDNS multicast group on interface tap0.IPv4 with address 44.177.215.7. Feb 18 11:19:23 kk-nb avahi-daemon[1002]: Interface tap0.IPv4 no longer relevant for mDNS. Feb 18 11:19:23 kk-nb avahi-daemon[1002]: Joining mDNS multicast group on interface tap0.IPv4 with address 44.177.215.7. Feb 18 11:19:23 kk-nb avahi-daemon[1002]: New relevant interface tap0.IPv4 for mDNS. Feb 18 11:19:23 kk-nb avahi-daemon[1002]: Registering new address record for 44.177.215.7 on tap0.IPv4. Feb 18 11:19:23 kk-nb NetworkManager: VPN connection 'kufr' (IP Config Get) reply received. Feb 18 11:19:23 kk-nb NetworkManager: VPN Gateway: 194.228.84.159 Feb 18 11:19:23 kk
Re: OpenVPN config problem
On Wed, 2010-02-17 at 10:36 +0100, Karel Kozlik wrote: > Hi, > could someone help me vith openVPN configuration in Network Manager? > Actualy when I click to VPN connection in NM, it does nothing. > /var/log/syslog contain following lines: > > I see the message "VPN connection 'my-vpn' failed to connect: 'No VPN > secrets!'", but I believe the secrets are configured correctly. Is your private key by any chance *un*encrypted? The VPN service plugin currently requires encrypted private keys (which are more secure anyway) and it could fail like this in that case. Dan ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
OpenVPN config problem
Hi, could someone help me vith openVPN configuration in Network Manager? Actualy when I click to VPN connection in NM, it does nothing. /var/log/syslog contain following lines: Feb 17 10:11:13 kk-nb NetworkManager: Starting VPN service 'org.freedesktop.NetworkManager.openvpn'... Feb 17 10:11:13 kk-nb NetworkManager: VPN service 'org.freedesktop.NetworkManager.openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 12393 Feb 17 10:11:13 kk-nb NetworkManager: VPN service 'org.freedesktop.NetworkManager.openvpn' just appeared, activating connections Feb 17 10:11:13 kk-nb NetworkManager: VPN plugin state changed: 1 Feb 17 10:11:13 kk-nb NetworkManager: VPN plugin state changed: 3 Feb 17 10:11:13 kk-nb NetworkManager: VPN connection 'my-vpn' (Connect) reply received. Feb 17 10:11:13 kk-nb NetworkManager: nm_vpn_connection_connect_cb(): VPN connection 'my-vpn' failed to connect: 'No VPN secrets!'. Feb 17 10:11:13 kk-nb NetworkManager: connection_state_changed(): Could not process the request because no VPN connection was active. Feb 17 10:11:13 kk-nb NetworkManager: (eth0): writing resolv.conf to /sbin/resolvconf Feb 17 10:11:13 kk-nb NetworkManager: Policy set 'eth0 - dhcp' (eth0) as default for routing and DNS. Feb 17 10:11:26 kk-nb NetworkManager: [1266397886.002812] ensure_killed(): waiting for vpn service pid 12393 to exit Feb 17 10:11:26 kk-nb NetworkManager: [1266397886.002989] ensure_killed(): vpn service pid 12393 cleaned up I see the message "VPN connection 'my-vpn' failed to connect: 'No VPN secrets!'", but I believe the secrets are configured correctly. Ypu can check my openvpn config file (that works and connect to vpn without problems) and screenshots of my NM configuration at http://www.kufr.cz/kk/bordel/vpn/ I am useing: network-manager 0.8~a~git.20091013t193206.679d548-0ubuntu1 network-manager-openvpn 0.8~a~git.20091008t123607.7c184a9-0ubuntu1 plasma-widget-networkmanagement 0.9~svn1029786+ag1-0ubuntu1 thanks, Karel ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list