Re: VPNC plugin on Ubuntu 8.04: disable DPD?
On Sat, 2008-06-07 at 12:51 -0400, Matthew Saltzman wrote: On Thu, 2008-06-05 at 08:36 -0400, Matthew Saltzman wrote: On Thu, 2008-06-05 at 12:19 +0200, Marc Luethi wrote: Hi all! [...] https://bugs.launchpad.net/ubuntu/+source/network-manager-vpnc/+bug/206000 For now, I'd be happy if I could enable/disable network-manager-vpnc's DPD globally. Can this be done? In Fedora's Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=403661 No action since I filed it last November. I have to run vpnc by ^ hand on those connections where DPD is an issue. The other thing I've noticed about this issue is that nobody on the NetworkManager team ever sees fit to comment when it comes up on the list. Mainly because I don't have quite enough bandwidth to deal with every issue right when it comes up, but it's probably useful to say This option is probably a good idea, but I need to finish piece X of NetworkManager first before I can look at it anyway. I updated that bug report BTW. Dan See also http://www.ces.clemson.edu/linux/f8-nm-iwl3945-B.shtml The other vpnc features that it would be good to be able to configure are NAT traversal mode selection and IPsec obfuscated secret support. thanks best regards Marc ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: VPNC plugin on Ubuntu 8.04: disable DPD?
On Thu, 2008-06-26 at 17:37 -0400, Dan Williams wrote: On Sat, 2008-06-07 at 12:51 -0400, Matthew Saltzman wrote: On Thu, 2008-06-05 at 08:36 -0400, Matthew Saltzman wrote: On Thu, 2008-06-05 at 12:19 +0200, Marc Luethi wrote: Hi all! [...] https://bugs.launchpad.net/ubuntu/+source/network-manager-vpnc/+bug/206000 For now, I'd be happy if I could enable/disable network-manager-vpnc's DPD globally. Can this be done? In Fedora's Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=403661 No action since I filed it last November. I have to run vpnc by ^ hand on those connections where DPD is an issue. The other thing I've noticed about this issue is that nobody on the NetworkManager team ever sees fit to comment when it comes up on the list. Mainly because I don't have quite enough bandwidth to deal with every issue right when it comes up, but it's probably useful to say This option is probably a good idea, but I need to finish piece X of NetworkManager first before I can look at it anyway. I updated that bug report BTW. I also added NAT traversal mode stuff during the UI rewrite too. For obfuscated secret, I think you mean the group secret, right? Dan Dan See also http://www.ces.clemson.edu/linux/f8-nm-iwl3945-B.shtml The other vpnc features that it would be good to be able to configure are NAT traversal mode selection and IPsec obfuscated secret support. thanks best regards Marc ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: VPNC plugin on Ubuntu 8.04: disable DPD?
On Thu, 2008-06-26 at 17:37 -0400, Dan Williams wrote: On Sat, 2008-06-07 at 12:51 -0400, Matthew Saltzman wrote: On Thu, 2008-06-05 at 08:36 -0400, Matthew Saltzman wrote: On Thu, 2008-06-05 at 12:19 +0200, Marc Luethi wrote: Hi all! [...] https://bugs.launchpad.net/ubuntu/+source/network-manager-vpnc/+bug/206000 For now, I'd be happy if I could enable/disable network-manager-vpnc's DPD globally. Can this be done? In Fedora's Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=403661 No action since I filed it last November. I have to run vpnc by ^ hand on those connections where DPD is an issue. The other thing I've noticed about this issue is that nobody on the NetworkManager team ever sees fit to comment when it comes up on the list. Mainly because I don't have quite enough bandwidth to deal with every issue right when it comes up, but it's probably useful to say This option is probably a good idea, but I need to finish piece X of NetworkManager first before I can look at it anyway. OK Thanks. I understand there's a lot on your plate, but I thought I recalled there was someone else handling the vpnc bit. I updated that bug report BTW. 'preciate it. Dan See also http://www.ces.clemson.edu/linux/f8-nm-iwl3945-B.shtml The other vpnc features that it would be good to be able to configure are NAT traversal mode selection and IPsec obfuscated secret support. thanks best regards Marc -- Matthew Saltzman Clemson University Math Sciences mjs AT clemson DOT edu http://www.math.clemson.edu/~mjs ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: VPNC plugin on Ubuntu 8.04: disable DPD?
On Thu, 2008-06-26 at 17:42 -0400, Dan Williams wrote: I updated that bug report BTW. I also added NAT traversal mode stuff during the UI rewrite too. For obfuscated secret, I think you mean the group secret, right? Yes, correct. I know it can be decrypted easily, but Management prefers not to spread the word too widely 8^). Are you planning a Fedora update soon, or should I try to build from source to test? Dan Dan See also http://www.ces.clemson.edu/linux/f8-nm-iwl3945-B.shtml The other vpnc features that it would be good to be able to configure are NAT traversal mode selection and IPsec obfuscated secret support. -- Matthew Saltzman Clemson University Math Sciences mjs AT clemson DOT edu http://www.math.clemson.edu/~mjs ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: VPNC plugin on Ubuntu 8.04: disable DPD?
Hi all On Thu, 2008-06-05 at 12:19 +0200, Marc Luethi wrote: Assuming that network-manager-vpnc is using vpnc behind the scenes, is there a way (a config file, perhaps?) to make the VPNC plugin set/unset this parameter? (I am no programmer - just a user...) I have found a workaround solution which might help at least the Ubuntu users affected by this issue. In ubuntu Bug #206673 (https://bugs.launchpad.net/ubuntu/+source/vpnc/+bug/206673 , Chris has made .deb packages of VPNC available on launchpadlibrarian.net that have the DPD timeout set to 0 by default. Installation on Ubuntu was easy, just replacing vpnc from the repositories by this version. This is a rough approach since it might cause conflicts with some VPN configurations that need DPD and the user has to enable it explicitely for these configurations; whereas it was enabled by default before. Nonetheless it solves my problem for the time being. regards Marc ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: VPNC plugin on Ubuntu 8.04: disable DPD?
On Thu, 2008-06-19 at 16:28 +0200, Marc Luethi wrote: Hi all On Thu, 2008-06-05 at 12:19 +0200, Marc Luethi wrote: Assuming that network-manager-vpnc is using vpnc behind the scenes, is there a way (a config file, perhaps?) to make the VPNC plugin set/unset this parameter? (I am no programmer - just a user...) I have found a workaround solution which might help at least the Ubuntu users affected by this issue. I've added a Disable Dead Peer Detection option in 0.7 trunk. I'd take a patch that added it to 0.6.x if anyone comes up with one (even just in GConf), otherwise I'll get around to it at some point. Dan In ubuntu Bug #206673 (https://bugs.launchpad.net/ubuntu/+source/vpnc/+bug/206673 , Chris has made .deb packages of VPNC available on launchpadlibrarian.net that have the DPD timeout set to 0 by default. Installation on Ubuntu was easy, just replacing vpnc from the repositories by this version. This is a rough approach since it might cause conflicts with some VPN configurations that need DPD and the user has to enable it explicitely for these configurations; whereas it was enabled by default before. Nonetheless it solves my problem for the time being. regards Marc ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: VPNC plugin on Ubuntu 8.04: disable DPD?
On Thu, 2008-06-05 at 08:36 -0400, Matthew Saltzman wrote: On Thu, 2008-06-05 at 12:19 +0200, Marc Luethi wrote: Hi all! [...] https://bugs.launchpad.net/ubuntu/+source/network-manager-vpnc/+bug/206000 For now, I'd be happy if I could enable/disable network-manager-vpnc's DPD globally. Can this be done? In Fedora's Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=403661 No action since I filed it last November. I have to run vpnc by ^ hand on those connections where DPD is an issue. The other thing I've noticed about this issue is that nobody on the NetworkManager team ever sees fit to comment when it comes up on the list. See also http://www.ces.clemson.edu/linux/f8-nm-iwl3945-B.shtml The other vpnc features that it would be good to be able to configure are NAT traversal mode selection and IPsec obfuscated secret support. thanks best regards Marc -- Matthew Saltzman Clemson University Math Sciences mjs AT clemson DOT edu http://www.math.clemson.edu/~mjs ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
VPNC plugin on Ubuntu 8.04: disable DPD?
Hi all! First: If this is the wrong place to ask about the VPNC plugin, please tell me to sod off and maybe leave a hint on where else to ask ;-) After upgrading to Ubuntu 8.04, I am now using NetworkManager 0.6.6 with nm-applet 0.6.6, and according to aptitude, I have network-manager-vpc 0.6.4svn2422-0ubuntu5 vpnc0.5.1r275-1 I am running a Cisco PIX501 at home which does not support DPD (and probably never will). Now I am affected by this problem: https://bugs.launchpad.net/ubuntu/+source/network-manager-vpnc/+bug/206000 The currently installed vpnc supports disabling of the DPD feature: [EMAIL PROTECTED]:~$ vpnc --long-help [...] --dpd-idle 0,10-86400 Send DPD packet after not receiving anything for idle seconds. Use 0 to disable DPD completely (both ways). Default: 300 conf-variable: DPD idle timeout (our side) 0,10-86400 [...] Assuming that network-manager-vpnc is using vpnc behind the scenes, is there a way (a config file, perhaps?) to make the VPNC plugin set/unset this parameter? (I am no programmer - just a user...) I know that DPD configuration should be possible on a per-connection basis, as some VPN configurations will require DPD to be active - while others might not. There have been suggestions to use older versions of network-manager-vpnc or different versions of network-manager altogether, which is not what I'd like to do. For now, I'd be happy if I could enable/disable network-manager-vpnc's DPD globally. Can this be done? thanks best regards Marc ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: VPNC plugin on Ubuntu 8.04: disable DPD?
On Thu, 2008-06-05 at 12:19 +0200, Marc Luethi wrote: Hi all! First: If this is the wrong place to ask about the VPNC plugin, please tell me to sod off and maybe leave a hint on where else to ask ;-) After upgrading to Ubuntu 8.04, I am now using NetworkManager 0.6.6 with nm-applet 0.6.6, and according to aptitude, I have network-manager-vpc 0.6.4svn2422-0ubuntu5 vpnc 0.5.1r275-1 I am running a Cisco PIX501 at home which does not support DPD (and probably never will). Now I am affected by this problem: https://bugs.launchpad.net/ubuntu/+source/network-manager-vpnc/+bug/206000 The currently installed vpnc supports disabling of the DPD feature: [EMAIL PROTECTED]:~$ vpnc --long-help [...] --dpd-idle 0,10-86400 Send DPD packet after not receiving anything for idle seconds. Use 0 to disable DPD completely (both ways). Default: 300 conf-variable: DPD idle timeout (our side) 0,10-86400 [...] Assuming that network-manager-vpnc is using vpnc behind the scenes, is there a way (a config file, perhaps?) to make the VPNC plugin set/unset this parameter? (I am no programmer - just a user...) I know that DPD configuration should be possible on a per-connection basis, as some VPN configurations will require DPD to be active - while others might not. There have been suggestions to use older versions of network-manager-vpnc or different versions of network-manager altogether, which is not what I'd like to do. For now, I'd be happy if I could enable/disable network-manager-vpnc's DPD globally. Can this be done? In Fedora's Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=403661 No action since I filed it last November. I have to run vpnc by hand on those connections where DPD is an issue. See also http://www.ces.clemson.edu/linux/f8-nm-iwl3945-B.shtml The other vpnc features that it would be good to be able to configure are NAT traversal mode selection and IPsec obfuscated secret support. thanks best regards Marc -- Matthew Saltzman Clemson University Math Sciences mjs AT clemson DOT edu http://www.math.clemson.edu/~mjs ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list