Re: OpenVpn plugin NeedSecret
[SOLVED]
I've solved the problem. Thanks a lot to Dan for his support.
I've added all secrets into
/etc/NetworkManager/system-connection/VPNconn...below the correct structure:
[connection]
id=VPNconn
uuid=355653c0-34d3-4777-ad25-f9a498b7ef8e
type=vpn
autoconnect=FALSE
[ipv4]
method=auto
[vpn]
name=openvpn
service-type=org.freedesktop.NetworkManager.openvpn
connection-type=tls
remote=xx..xx.it
proto-tcp=no
reneg-seconds=0
port=1194
ca=/etc/openvpn/certs/cacert.crt
cert=/etc/openvpn/certs/x.pem
key=/etc/openvpn/certs/xx-key.pem
comp-lzo=yes
[ipv6]
method=ignore
Reagards
On Thu, Nov 3, 2011 at 4:43 PM, Dan Williams d...@redhat.com wrote:
On Thu, 2011-11-03 at 16:03 +0100, Francesco Andrisani wrote:
Thanks a lot. But i'm not able to know all parameter to intert into
my /etc/NetworkManager/system-connections/VPNconnection.
For example keyfile, certficate, ecc
Please can you tell me how to find these informations (all
parameters)?
At the moment the best way to do this is to edit the connection with
nm-connection-editor; otherwise it's a bit byzantine but the list of
acceptable parameters is here:
http://git.gnome.org/browse/network-manager-openvpn/tree/src/nm-openvpn-service.h
and the values that these keys can contain are in the code, but it's
probably non-trivial to pull them out. I can see where documenting the
acceptable values in the header there would be a nice thing to do.
Otherwise, if you have a config file you're importing from that would
work, or I can help you figure out what to use if you can describe your
VPN setup more. Or nm-connection-editor.
Dan
Thanks and regards
On Thu, Nov 3, 2011 at 3:51 PM, Dan Williams d...@redhat.com wrote:
On Thu, 2011-11-03 at 10:26 +0100, Francesco Andrisani wrote:
Anothe DEBUG info:
debian:/etc/NetworkManager# /usr/libexec/nm-openvpn-service
--debug
** Message: nm-openvpn-service (version 0.9.0) starting...
** Message: real_need_secrets: connection
-
connection
name : connection
id : VPNconnection (s)
uuid : 355653c0-34d3-4777-ad25-f9a498b7ef8e (s)
type : vpn (s)
permissions : [] (sd)
autoconnect : FALSE (s)
timestamp : 0 (sd)
read-only : FALSE (sd)
ipv4
name : ipv4
method : auto (s)
dns : [] (s)
dns-search : [] (sd)
addresses : [] (s)
routes : [] (s)
ignore-auto-routes : FALSE (sd)
ignore-auto-dns : FALSE (sd)
dhcp-client-id : NULL (sd)
dhcp-send-hostname : TRUE (sd)
dhcp-hostname : NULL (sd)
never-default : FALSE (sd)
may-fail : FALSE (sd)
ipv6
name : ipv6
method : ignore (s)
dns : [] (s)
dns-search : [] (sd)
addresses : [] (s)
routes : [] (s)
ignore-auto-routes : FALSE (sd)
ignore-auto-dns : FALSE (sd)
never-default : FALSE (sd)
may-fail : TRUE (sd)
vpn
name : vpn
service-type :
org.freedesktop.NetworkManager.openvpn (s)
user-name : NULL (sd)
data : [ { 'name': openvpn }, ] (s)
secrets : [ ] (s)
So here's the problem; the [vpn] setting isn't completely
specified.
Did you import this connection from an openvpn config file?
Unless this
was changed at some point (or there's a bug in the editor)
this
connection was never valid since it doesn't have the required
connection
type field and a few other things. Here's what it *should*
look like:
[vpn]
service-type=org.freedesktop.NetworkManager.openvpn
connection-type=password
password-flags=3
remote=ovpn.mycompany.com
cipher=AES-256-CBC
proto-tcp=yes
reneg-seconds=0
port=443
username=dcbw
ca=/home/dcbw/MyCA.pem
or something along those lines. If you imported it from a
config file,
can you try doing that again? If it still looks like this,
can you send
me the config file so I can see what's going wrong?
Dan
Regards
On Thu, Nov 3, 2011 at 10:12 AM, Francesco Andrisani
francesco.andris...@acotel.com wrote:
OK.
So i've installed openvpn client on my workstation
with
Re: OpenVpn plugin NeedSecret
OK. So i've installed openvpn client on my workstation with certificate authentication and...it work fine. About NetworkManager-openvpn i've installed (from sources) 0.9.0 version, the same of NetworkManager (it also installed from sources). A clarification...i use the system without X server (no gnome, no kde). Below my NetworkManager and NetworkManager-openvpn configuration files. debian:/etc/NetworkManager# cat system-connections/VPNconnection [connection] id=VPNconnection uuid=355653c0-34d3-4777-ad25-f9a498b7ef8e type=vpn autoconnect=FALSE [ipv4] method=auto [vpn] name=openvpn service-type=org.freedesktop.NetworkManager.openvpn [ipv6] method=ignore I've no secrets specified here, Is it correct? I've no password for start opevpn client manually. Only certificate authentication. debian:/etc/NetworkManager# cat VPN/nm-openvpn-service.name [VPN Connection] name=openvpn service=org.freedesktop.NetworkManager.openvpn program=/usr/libexec/nm-openvpn-service Regards On Thu, Nov 3, 2011 at 2:25 AM, Dan Williams d...@redhat.com wrote: On Wed, 2011-11-02 at 10:21 +0100, Francesco Andrisani wrote: (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) plugin NeedSecrets request #1 failed: dbus-glib-error-quark Invalid connection type. This part is the problem. Any chance you could paste in your vpn connection file from /etc/NetworkManager/system-connections for us to look at? Remove any passwords and out any sensitive information before doing so. Any idea what version of NetworkManager-openvpn you've got installed? Dan -- *Francesco Andrisani* mailto:francesco.andris...@acotel.com *Acotel Spa* http://www.acotel.com Via della Valle dei Fontanili, 29 00168 Roma Tel +390661141200 Fax +39066149936 Le informazioni contenute nella comunicazione che precede possono essere riservate e sono, comunque, destinate esclusivamente alla persona o all’ente sopraindicati. La diffusione, distribuzione e/o copiatura non autorizzata del documento trasmesso da parte di qualsiasi soggetto è proibita. La sicurezza e la correttezza dei messaggi di posta elettronica non possono essere garantite. Se avete ricevuto questo messaggio per errore, Vi preghiamo di contattarci immediatamente. Grazie. This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any transmission. If you receive this message in error, please immediately delete it and all copies of it from your system, destroy any hard copies of it and notify the sender. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. Thanks ___ networkmanager-list mailing list networkmanager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: OpenVpn plugin NeedSecret
Anothe DEBUG info:
debian:/etc/NetworkManager# /usr/libexec/nm-openvpn-service --debug
** Message: nm-openvpn-service (version 0.9.0) starting...
** Message: real_need_secrets: connection
-
connection
name : connection
id : VPNconnection (s)
uuid : 355653c0-34d3-4777-ad25-f9a498b7ef8e (s)
type : vpn (s)
permissions : [] (sd)
autoconnect : FALSE (s)
timestamp : 0 (sd)
read-only : FALSE (sd)
ipv4
name : ipv4
method : auto (s)
dns : [] (s)
dns-search : [] (sd)
addresses : [] (s)
routes : [] (s)
ignore-auto-routes : FALSE (sd)
ignore-auto-dns : FALSE (sd)
dhcp-client-id : NULL (sd)
dhcp-send-hostname : TRUE (sd)
dhcp-hostname : NULL (sd)
never-default : FALSE (sd)
may-fail : FALSE (sd)
ipv6
name : ipv6
method : ignore (s)
dns : [] (s)
dns-search : [] (sd)
addresses : [] (s)
routes : [] (s)
ignore-auto-routes : FALSE (sd)
ignore-auto-dns : FALSE (sd)
never-default : FALSE (sd)
may-fail : TRUE (sd)
vpn
name : vpn
service-type : org.freedesktop.NetworkManager.openvpn (s)
user-name : NULL (sd)
data : [ { 'name': openvpn }, ] (s)
secrets : [ ] (s)
Regards
On Thu, Nov 3, 2011 at 10:12 AM, Francesco Andrisani
francesco.andris...@acotel.com wrote:
OK.
So i've installed openvpn client on my workstation with certificate
authentication and...it work fine.
About NetworkManager-openvpn i've installed (from sources) 0.9.0 version,
the same of NetworkManager (it also installed from sources).
A clarification...i use the system without X server (no gnome, no kde).
Below my NetworkManager and NetworkManager-openvpn configuration files.
debian:/etc/NetworkManager# cat system-connections/VPNconnection
[connection]
id=VPNconnection
uuid=355653c0-34d3-4777-ad25-f9a498b7ef8e
type=vpn
autoconnect=FALSE
[ipv4]
method=auto
[vpn]
name=openvpn
service-type=org.freedesktop.NetworkManager.openvpn
[ipv6]
method=ignore
I've no secrets specified here, Is it correct? I've no password for start
opevpn client manually. Only certificate authentication.
debian:/etc/NetworkManager# cat VPN/nm-openvpn-service.name
[VPN Connection]
name=openvpn
service=org.freedesktop.NetworkManager.openvpn
program=/usr/libexec/nm-openvpn-service
Regards
On Thu, Nov 3, 2011 at 2:25 AM, Dan Williams d...@redhat.com wrote:
On Wed, 2011-11-02 at 10:21 +0100, Francesco Andrisani wrote:
(355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) plugin
NeedSecrets
request #1 failed: dbus-glib-error-quark Invalid connection type.
This part is the problem. Any chance you could paste in your vpn
connection file from /etc/NetworkManager/system-connections for us to
look at? Remove any passwords and out any sensitive information
before doing so.
Any idea what version of NetworkManager-openvpn you've got installed?
Dan
--
*Francesco Andrisani*
mailto:francesco.andris...@acotel.com
*Acotel Spa*
http://www.acotel.com
Via della Valle dei Fontanili, 29
00168 Roma
Tel +390661141200
Fax +39066149936
Le informazioni contenute nella comunicazione che precede possono essere
riservate e sono, comunque, destinate esclusivamente alla persona o
all’ente sopraindicati. La diffusione, distribuzione e/o copiatura non
autorizzata del documento trasmesso da parte di qualsiasi soggetto è
proibita. La sicurezza e la correttezza dei messaggi di posta elettronica
non possono essere garantite. Se avete ricevuto questo messaggio per
errore, Vi preghiamo di contattarci immediatamente. Grazie.
This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any transmission. If you
receive this message in error, please immediately delete it and all copies
of it from your system, destroy any hard copies of it and notify the
sender. You must not, directly or indirectly, use, disclose, distribute,
print, or copy any part of this message if you are not the intended
recipient. Thanks
--
*Francesco Andrisani*
mailto:francesco.andris...@acotel.com
*Acotel Spa*
http://www.acotel.com
Via della Valle dei Fontanili, 29
00168 Roma
Tel +390661141200
Fax +39066149936
Le informazioni contenute nella comunicazione che precede possono essere
riservate e sono, comunque, destinate esclusivamente alla persona o
all’ente sopraindicati. La diffusione, distribuzione e/o copiatura non
autorizzata del documento trasmesso da parte di qualsiasi soggetto è
proibita. La sicurezza e la correttezza dei messaggi di posta elettronica
non possono essere garantite. Se avete ricevuto questo messaggio per
errore, Vi preghiamo di
Re: OpenVpn plugin NeedSecret
Thanks a lot. But i'm not able to know all parameter to intert into my
/etc/NetworkManager/system-connections/VPNconnection.
For example keyfile, certficate, ecc
Please can you tell me how to find these informations (all parameters)?
Thanks and regards
On Thu, Nov 3, 2011 at 3:51 PM, Dan Williams d...@redhat.com wrote:
On Thu, 2011-11-03 at 10:26 +0100, Francesco Andrisani wrote:
Anothe DEBUG info:
debian:/etc/NetworkManager# /usr/libexec/nm-openvpn-service --debug
** Message: nm-openvpn-service (version 0.9.0) starting...
** Message: real_need_secrets: connection
-
connection
name : connection
id : VPNconnection (s)
uuid : 355653c0-34d3-4777-ad25-f9a498b7ef8e (s)
type : vpn (s)
permissions : [] (sd)
autoconnect : FALSE (s)
timestamp : 0 (sd)
read-only : FALSE (sd)
ipv4
name : ipv4
method : auto (s)
dns : [] (s)
dns-search : [] (sd)
addresses : [] (s)
routes : [] (s)
ignore-auto-routes : FALSE (sd)
ignore-auto-dns : FALSE (sd)
dhcp-client-id : NULL (sd)
dhcp-send-hostname : TRUE (sd)
dhcp-hostname : NULL (sd)
never-default : FALSE (sd)
may-fail : FALSE (sd)
ipv6
name : ipv6
method : ignore (s)
dns : [] (s)
dns-search : [] (sd)
addresses : [] (s)
routes : [] (s)
ignore-auto-routes : FALSE (sd)
ignore-auto-dns : FALSE (sd)
never-default : FALSE (sd)
may-fail : TRUE (sd)
vpn
name : vpn
service-type : org.freedesktop.NetworkManager.openvpn (s)
user-name : NULL (sd)
data : [ { 'name': openvpn }, ] (s)
secrets : [ ] (s)
So here's the problem; the [vpn] setting isn't completely specified.
Did you import this connection from an openvpn config file? Unless this
was changed at some point (or there's a bug in the editor) this
connection was never valid since it doesn't have the required connection
type field and a few other things. Here's what it *should* look like:
[vpn]
service-type=org.freedesktop.NetworkManager.openvpn
connection-type=password
password-flags=3
remote=ovpn.mycompany.com
cipher=AES-256-CBC
proto-tcp=yes
reneg-seconds=0
port=443
username=dcbw
ca=/home/dcbw/MyCA.pem
or something along those lines. If you imported it from a config file,
can you try doing that again? If it still looks like this, can you send
me the config file so I can see what's going wrong?
Dan
Regards
On Thu, Nov 3, 2011 at 10:12 AM, Francesco Andrisani
francesco.andris...@acotel.com wrote:
OK.
So i've installed openvpn client on my workstation with
certificate authentication and...it work fine.
About NetworkManager-openvpn i've installed (from sources)
0.9.0 version, the same of NetworkManager (it also installed
from sources).
A clarification...i use the system without X server (no gnome,
no kde).
Below my NetworkManager and NetworkManager-openvpn
configuration files.
debian:/etc/NetworkManager# cat
system-connections/VPNconnection
[connection]
id=VPNconnection
uuid=355653c0-34d3-4777-ad25-f9a498b7ef8e
type=vpn
autoconnect=FALSE
[ipv4]
method=auto
[vpn]
name=openvpn
service-type=org.freedesktop.NetworkManager.openvpn
[ipv6]
method=ignore
I've no secrets specified here, Is it correct? I've no
password for start opevpn client manually. Only certificate
authentication.
debian:/etc/NetworkManager# cat VPN/nm-openvpn-service.name
[VPN Connection]
name=openvpn
service=org.freedesktop.NetworkManager.openvpn
program=/usr/libexec/nm-openvpn-service
Regards
On Thu, Nov 3, 2011 at 2:25 AM, Dan Williams d...@redhat.com
wrote:
On Wed, 2011-11-02 at 10:21 +0100, Francesco Andrisani
wrote:
(355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection)
plugin
NeedSecrets
request #1 failed: dbus-glib-error-quark Invalid
connection type.
This part is the problem. Any chance you could paste
in your vpn
connection file
from /etc/NetworkManager/system-connections for us to
look at? Remove any passwords and out any
sensitive information
before doing so.
Any idea what version of NetworkManager-openvpn you've
got installed?
Dan
--
Francesco Andrisani
Re: OpenVpn plugin NeedSecret
Hi, then...below my new (NetworkManager-openvpn) confg file and client.conf (openvpn) config file: debian# cat /etc/NetworkManager/system-connections/VPNconnection [connection] id=VPNconnection uuid=355653c0-34d3-4777-ad25-f9a498b7ef8e type=vpn autoconnect=FALSE [ipv4] method=auto [vpn] name=openvpn service-type=org.freedesktop.NetworkManager.openvpn remote=openvpn.xxx.x.it proto-udp=yes reneg-seconds=0 port=1194 ca=/etc/openvpn/certs/cacert.crt cert=/etc/openvpn/certs/-vpn.pem key=/etc/openvpn/certs/x-vpn-key.pem [ipv6] method=ignore debian# cat /etc/openvpn/client.conf client dev tun proto udp # This is the remote ip address and port of the VPN Server remote openvpn.xxx.xx.it resolv-retry infinite ping 10 ping-restart 60 nobind persist-key persist-tun ca certs/cacert.crt cert certs/-vpn.pem key certs/xx-vpn-key.pem verb 3 comp-lzo explicit-exit-notify 2 log-append /var/log/openvpn.log Now...after your changes, if i try to start vpn from NetworkManager i can see these logs: Nov 3 16:26:54 debian NetworkManager[2899]: info Starting VPN service 'openvpn'... Nov 3 16:26:54 debian NetworkManager[2899]: info VPN service 'openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 3296 Nov 3 16:26:54 debian NetworkManager[2899]: info VPN service 'openvpn' appeared; activating connections Nov 3 16:26:54 debian NetworkManager[2899]: debug [1320337614.716383] [nm-vpn-connection.c:902] get_secrets(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) requesting VPN secrets pass #1 Nov 3 16:26:54 debian NetworkManager[2899]: debug [1320337614.716961] [nm-agent-manager.c:1100] nm_agent_manager_get_secrets(): Secrets requested for connection /org/freedesktop/NetworkManager/Settings/5 (vpn) Nov 3 16:26:54 debian NetworkManager[2899]: debug [1320337614.717110] [nm-settings-connection.c:850] nm_settings_connection_get_secrets(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:3) secrets requested flags 0x8000 hint '(null)' Nov 3 16:26:54 debian NetworkManager[2899]: debug [1320337614.720913] [nm-agent-manager.c:1015] get_start(): (0xfcba0/vpn) system settings secrets sufficient Nov 3 16:26:54 debian NetworkManager[2899]: debug [1320337614.721055] [nm-settings-connection.c:706] agent_secrets_done_cb(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:3) existing secrets returned Nov 3 16:26:54 debian NetworkManager[2899]: debug [1320337614.721154] [nm-settings-connection.c:712] agent_secrets_done_cb(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:3) secrets request completed Nov 3 16:26:54 debian NetworkManager[2899]: debug [1320337614.733265] [nm-settings-connection.c:751] agent_secrets_done_cb(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:3) new agent secrets processed Nov 3 16:26:54 debian NetworkManager[2899]: debug [1320337614.733906] [nm-vpn-connection.c:870] get_secrets_cb(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) asking service if additional secrets are required Nov 3 16:26:54 debian NetworkManager[2899]: info VPN plugin state changed: 1 Nov 3 16:26:54 debian NetworkManager[2899]: info Policy set 'MyConnection' (eth0) as default for IPv4 routing and DNS. Nov 3 16:27:00 debian NetworkManager[2899]: info VPN service 'openvpn' disappeared Nov 3 16:27:02 debian NetworkManager[2899]: debug [1320337622.2972] [nm-vpn-service.c:267] ensure_killed(): waiting for VPN service pid 3296 to exit Nov 3 16:27:02 debian NetworkManager[2899]: debug [1320337622.3592] [nm-vpn-service.c:269] ensure_killed(): VPN service pid 3296 cleaned up Thanks and Regards On Thu, Nov 3, 2011 at 4:03 PM, Francesco Andrisani francesco.andris...@acotel.com wrote: Thanks a lot. But i'm not able to know all parameter to intert into my /etc/NetworkManager/system-connections/VPNconnection. For example keyfile, certficate, ecc Please can you tell me how to find these informations (all parameters)? Thanks and regards On Thu, Nov 3, 2011 at 3:51 PM, Dan Williams d...@redhat.com wrote: On Thu, 2011-11-03 at 10:26 +0100, Francesco Andrisani wrote: Anothe DEBUG info: debian:/etc/NetworkManager# /usr/libexec/nm-openvpn-service --debug ** Message: nm-openvpn-service (version 0.9.0) starting... ** Message: real_need_secrets: connection - connection name : connection id : VPNconnection (s) uuid : 355653c0-34d3-4777-ad25-f9a498b7ef8e (s) type : vpn (s) permissions : [] (sd) autoconnect : FALSE (s) timestamp : 0 (sd) read-only : FALSE (sd) ipv4 name : ipv4 method : auto (s) dns : [] (s) dns-search : [] (sd) addresses : [] (s) routes : [] (s) ignore-auto-routes : FALSE (sd) ignore-auto-dns : FALSE (sd) dhcp-client-id : NULL (sd) dhcp-send-hostname : TRUE (sd) dhcp-hostname : NULL (sd) never-default : FALSE (sd) may-fail : FALSE (sd) ipv6 name : ipv6 method : ignore (s) dns : []
Re: OpenVpn plugin NeedSecret
On Thu, 2011-11-03 at 16:03 +0100, Francesco Andrisani wrote:
Thanks a lot. But i'm not able to know all parameter to intert into
my /etc/NetworkManager/system-connections/VPNconnection.
For example keyfile, certficate, ecc
Please can you tell me how to find these informations (all
parameters)?
At the moment the best way to do this is to edit the connection with
nm-connection-editor; otherwise it's a bit byzantine but the list of
acceptable parameters is here:
http://git.gnome.org/browse/network-manager-openvpn/tree/src/nm-openvpn-service.h
and the values that these keys can contain are in the code, but it's
probably non-trivial to pull them out. I can see where documenting the
acceptable values in the header there would be a nice thing to do.
Otherwise, if you have a config file you're importing from that would
work, or I can help you figure out what to use if you can describe your
VPN setup more. Or nm-connection-editor.
Dan
Thanks and regards
On Thu, Nov 3, 2011 at 3:51 PM, Dan Williams d...@redhat.com wrote:
On Thu, 2011-11-03 at 10:26 +0100, Francesco Andrisani wrote:
Anothe DEBUG info:
debian:/etc/NetworkManager# /usr/libexec/nm-openvpn-service
--debug
** Message: nm-openvpn-service (version 0.9.0) starting...
** Message: real_need_secrets: connection
-
connection
name : connection
id : VPNconnection (s)
uuid : 355653c0-34d3-4777-ad25-f9a498b7ef8e (s)
type : vpn (s)
permissions : [] (sd)
autoconnect : FALSE (s)
timestamp : 0 (sd)
read-only : FALSE (sd)
ipv4
name : ipv4
method : auto (s)
dns : [] (s)
dns-search : [] (sd)
addresses : [] (s)
routes : [] (s)
ignore-auto-routes : FALSE (sd)
ignore-auto-dns : FALSE (sd)
dhcp-client-id : NULL (sd)
dhcp-send-hostname : TRUE (sd)
dhcp-hostname : NULL (sd)
never-default : FALSE (sd)
may-fail : FALSE (sd)
ipv6
name : ipv6
method : ignore (s)
dns : [] (s)
dns-search : [] (sd)
addresses : [] (s)
routes : [] (s)
ignore-auto-routes : FALSE (sd)
ignore-auto-dns : FALSE (sd)
never-default : FALSE (sd)
may-fail : TRUE (sd)
vpn
name : vpn
service-type :
org.freedesktop.NetworkManager.openvpn (s)
user-name : NULL (sd)
data : [ { 'name': openvpn }, ] (s)
secrets : [ ] (s)
So here's the problem; the [vpn] setting isn't completely
specified.
Did you import this connection from an openvpn config file?
Unless this
was changed at some point (or there's a bug in the editor)
this
connection was never valid since it doesn't have the required
connection
type field and a few other things. Here's what it *should*
look like:
[vpn]
service-type=org.freedesktop.NetworkManager.openvpn
connection-type=password
password-flags=3
remote=ovpn.mycompany.com
cipher=AES-256-CBC
proto-tcp=yes
reneg-seconds=0
port=443
username=dcbw
ca=/home/dcbw/MyCA.pem
or something along those lines. If you imported it from a
config file,
can you try doing that again? If it still looks like this,
can you send
me the config file so I can see what's going wrong?
Dan
Regards
On Thu, Nov 3, 2011 at 10:12 AM, Francesco Andrisani
francesco.andris...@acotel.com wrote:
OK.
So i've installed openvpn client on my workstation
with
certificate authentication and...it work fine.
About NetworkManager-openvpn i've installed (from
sources)
0.9.0 version, the same of NetworkManager (it also
installed
from sources).
A clarification...i use the system without X server
(no gnome,
no kde).
Below my NetworkManager and NetworkManager-openvpn
configuration files.
debian:/etc/NetworkManager# cat
system-connections/VPNconnection
[connection]
id=VPNconnection
uuid=355653c0-34d3-4777-ad25-f9a498b7ef8e
Re: OpenVpn plugin NeedSecret
Hi, sorry for delay. Below the piace of log with log-legel DEBUG: NetworkManager[3054]: info Starting VPN service 'openvpn'... NetworkManager[3054]: info VPN service 'openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 3089 NetworkManager[3054]: info VPN service 'openvpn' appeared; activating connections NetworkManager[3054]: debug [1320230029.479049] [nm-vpn-connection.c:902] get_secrets(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) requesting VPN secrets pass #1 NetworkManager[3054]: debug [1320230029.481972] [nm-agent-manager.c:1100] nm_agent_manager_get_secrets(): Secrets requested for connection /org/freedesktop/NetworkManager/Settings/0 (vpn) NetworkManager[3054]: debug [1320230029.485727] [nm-settings-connection.c:850] nm_settings_connection_get_secrets(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:2) secrets requested flags 0x8000 hint '(null)' NetworkManager[3054]: info VPN plugin state changed: 1 NetworkManager[3054]: debug [1320230029.491319] [nm-agent-manager.c:1015] get_start(): (0xe1c10/vpn) system settings secrets sufficient NetworkManager[3054]: debug [1320230029.492466] [nm-settings-connection.c:706] agent_secrets_done_cb(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:2) existing secrets returned NetworkManager[3054]: debug [1320230029.492907] [nm-settings-connection.c:712] agent_secrets_done_cb(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:2) secrets request completed NetworkManager[3054]: debug [1320230029.497663] [nm-settings-connection.c:751] agent_secrets_done_cb(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:2) new agent secrets processed NetworkManager[3054]: debug [1320230029.498118] [nm-vpn-connection.c:870] get_secrets_cb(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) asking service if additional secrets are required NetworkManager[3054]: error [1320230029.511927] [nm-vpn-connection.c:823] plugin_need_secrets_cb(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) plugin NeedSecrets request #1 failed: dbus-glib-error-quark Invalid connection type. NetworkManager[3054]: info Policy set 'MyConnection' (eth0) as default for IPv4 routing and DNS. NetworkManager[3054]: info VPN service 'openvpn' disappeared NetworkManager[3054]: debug [1320230037.2325] [nm-vpn-service.c:267] ensure_killed(): waiting for VPN service pid 3089 to exit NetworkManager[3054]: debug [1320230037.2932] [nm-vpn-service.c:269] ensure_killed(): VPN service pid 3089 cleaned up Thank you On Mon, Oct 31, 2011 at 11:28 PM, Dan Williams d...@redhat.com wrote: On Fri, 2011-10-28 at 18:34 +0200, Francesco Andrisani wrote: Hi, i'm newbie of Network manager, so sorry for any errors. I'm an Debian User. I've downloaded and conpiled Networkmanager-0.9.0 with ModemManager 0.5 and NetworkManager-openvpn-0.9.0 plugin. Network manager work fine. I'm able with my custom python script to use ethernet and gsm at modem. My problem is when i try to start Openvpn (using NM) throught ethernet device. I continuosly see into NM logs: Oct 28 17:16:46 sheevaplug-debian NetworkManager[2327]: info Starting VPN service 'openvpn'... Oct 28 17:16:46 sheevaplug-debian NetworkManager[2327]: info VPN service 'openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 2416 tun: Universal TUN/TAP device driver, 1.6 tun: (C) 1999-2004 Max Krasnyansky m...@qualcomm.com Oct 28 17:16:47 sheevaplug-debian NetworkManager[2327]: info VPN service 'openvpn' appeared; activating connections Oct 28 17:16:47 sheevaplug-debian NetworkManager[2327]: info VPN plugin state changed: 1 Oct 28 17:16:47 sheevaplug-debian NetworkManager[2327]: error [1319822207.127668] [nm-vpn-connection.c:823] plugin_need_secrets_cb(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) plugin NeedSecret. Oct 28 17:16:47 sheevaplug-debian NetworkManager[2327]: info Policy set 'MyConnection' (eth0) as default for IPv4 routing and DNS. Oct 28 17:16:52 sheevaplug-debian NetworkManager[2327]: info VPN service 'openvpn' disappeared The error message appears to be somewhat cut off; can you grab the full message from [nm-vpn-connection.c:823] plugin_need_secrets_cb() for us? That will have more information about where the problem may lie. It should be something like: (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) plugin NeedSecrets request 1 failed: message message2 Dan -- *Francesco Andrisani* mailto:francesco.andris...@acotel.com *Acotel Spa* http://www.acotel.com Via della Valle dei Fontanili, 29 00168 Roma Tel +390661141200 Fax +39066149936 Le informazioni contenute nella comunicazione che precede possono essere riservate e sono, comunque, destinate esclusivamente alla persona o all’ente sopraindicati. La diffusione, distribuzione e/o copiatura non autorizzata del documento trasmesso da parte di qualsiasi soggetto è proibita. La sicurezza e la correttezza
Re: OpenVpn plugin NeedSecret
On Wed, 2011-11-02 at 10:21 +0100, Francesco Andrisani wrote: (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) plugin NeedSecrets request #1 failed: dbus-glib-error-quark Invalid connection type. This part is the problem. Any chance you could paste in your vpn connection file from /etc/NetworkManager/system-connections for us to look at? Remove any passwords and out any sensitive information before doing so. Any idea what version of NetworkManager-openvpn you've got installed? Dan ___ networkmanager-list mailing list networkmanager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: OpenVpn plugin NeedSecret
On Fri, 2011-10-28 at 18:34 +0200, Francesco Andrisani wrote: Hi, i'm newbie of Network manager, so sorry for any errors. I'm an Debian User. I've downloaded and conpiled Networkmanager-0.9.0 with ModemManager 0.5 and NetworkManager-openvpn-0.9.0 plugin. Network manager work fine. I'm able with my custom python script to use ethernet and gsm at modem. My problem is when i try to start Openvpn (using NM) throught ethernet device. I continuosly see into NM logs: Oct 28 17:16:46 sheevaplug-debian NetworkManager[2327]: info Starting VPN service 'openvpn'... Oct 28 17:16:46 sheevaplug-debian NetworkManager[2327]: info VPN service 'openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 2416 tun: Universal TUN/TAP device driver, 1.6 tun: (C) 1999-2004 Max Krasnyansky m...@qualcomm.com Oct 28 17:16:47 sheevaplug-debian NetworkManager[2327]: info VPN service 'openvpn' appeared; activating connections Oct 28 17:16:47 sheevaplug-debian NetworkManager[2327]: info VPN plugin state changed: 1 Oct 28 17:16:47 sheevaplug-debian NetworkManager[2327]: error [1319822207.127668] [nm-vpn-connection.c:823] plugin_need_secrets_cb(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) plugin NeedSecret. Oct 28 17:16:47 sheevaplug-debian NetworkManager[2327]: info Policy set 'MyConnection' (eth0) as default for IPv4 routing and DNS. Oct 28 17:16:52 sheevaplug-debian NetworkManager[2327]: info VPN service 'openvpn' disappeared The error message appears to be somewhat cut off; can you grab the full message from [nm-vpn-connection.c:823] plugin_need_secrets_cb() for us? That will have more information about where the problem may lie. It should be something like: (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) plugin NeedSecrets request 1 failed: message message2 Dan ___ networkmanager-list mailing list networkmanager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
