Re: Lack of new OpenVPN SAML interoperability

n trying to access my OpenVPN cloud account through the > 'Import profile' wizard that comes with Gnome Network. > > I simply go to Settings->Network, then on VPN panel I click on '+' > symbol, a new window appears, then I select 'Import from file...'. > Finally, after imp

Lack of new OpenVPN SAML interoperability

Hello, First of all, I'm sorry to copy both gnome-network-list and networkmanager-list, because I didn't know or couldn't recognize which one would be the proper one to mention this fact. I've been trying to access my OpenVPN cloud account through the 'Import profile' wizard that comes

Re: Problems with OpenVPN client conf having several remotes

On Mon, 2021-06-14 at 17:52 +, Samuel Le Thiec via networkmanager-list wrote: > Hello again:) > > I encountered two problems with an openvpn client conf having several remotes. > > The first problem occurs when importing a openvpn client config having > multiple remotes

Problems with OpenVPN client conf having several remotes

Hello again:) I encountered two problems with an openvpn client conf having several remotes. The first problem occurs when importing a openvpn client config having multiple remotes mixing udp & tcp and using the "implicit udp syntax":  $ grep ^remote openvpn.conf ovp

Re: Trouble converting full OpenVPN tunnel to split tunnel

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Wed, 2021-02-03 at 12:25 +0100, Thomas Haller wrote: > On Wed, 2021-02-03 at 12:08 +0100, Chris Coutinho via networkmanager- > list wrote: > > Hello NM folks, > > > > I'm running into a problem converting

Re: Trouble converting full OpenVPN tunnel to split tunnel

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Wed, 2021-02-03 at 12:25 +0100, Thomas Haller wrote: > On Wed, 2021-02-03 at 12:08 +0100, Chris Coutinho via networkmanager- > list wrote: > > Hello NM folks, > > > > I'm running into a problem converting

Re: Trouble converting full OpenVPN tunnel to split tunnel

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Wed, 2021-02-03 at 12:25 +0100, Thomas Haller wrote: > On Wed, 2021-02-03 at 12:08 +0100, Chris Coutinho via networkmanager- > list wrote: > > Hello NM folks, > > > > I'm running into a problem converting

Re: Trouble converting full OpenVPN tunnel to split tunnel

On Wed, 2021-02-03 at 12:08 +0100, Chris Coutinho via networkmanager- list wrote: > Hello NM folks, > > I'm running into a problem converting an OpenVPN "full" tunnel > configuration to > a split tunnel configuration. I've received an .ovpn file from a > client which,

Trouble converting full OpenVPN tunnel to split tunnel

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hello NM folks, I'm running into a problem converting an OpenVPN "full" tunnel configuration to a split tunnel configuration. I've received an .ovpn file from a client which, by default, routes all my traffic through their VPN. I want to

Re: Adding basic OpenVPN PKCS#11 support

I did a first patch which used a naive approach and just added support for specifying the pkcs11-providers and pkcs11-id in the GUI. This works but is not elegant or user friendly and requires that openvpn plays nicely with the desired pkcs#11 provider. In practice this is often a big problem

Re: Adding basic OpenVPN PKCS#11 support

On Tue, 2019-03-26 at 08:41 +0100, Martin Forssen via networkmanager- list wrote: > Hello, > > I have the need to run OpenVPN with PKCS#11 hardware certificates on > Linux. This does currently not seem to be possible with > NetworkManager. > > I have looked around a bit and

Re: openvpn: "Authenticate/Decrypt packet error: bad packet ID", link-mtu=1472 consequences

On Wed, 2019-03-27 at 18:56 +, avemilia via networkmanager-list wrote: > Sorry, I have assumed that the VPN tunnel is up with this link-mtu > setting, but > in reality it is not. Hi, Try: sudo nmcli general logging level TRACE domains ALL,VPN_PLUGIN:TRACE and reactivate the VPN

Re: openvpn: "Authenticate/Decrypt packet error: bad packet ID", link-mtu=1472 consequences

orking configuration to eliminate the "bad packet ID" errors. ‐‐‐ Original Message ‐‐‐ On Wednesday, March 27, 2019 7:28 PM, avemilia via networkmanager-list wrote: > Hello list, > > openSUSE Tumbleweed (KDE Plasma) > NetworkManager-1.16.0-1.1.x86_64 > NetworkMa

openvpn: "Authenticate/Decrypt packet error: bad packet ID", link-mtu=1472 consequences

Hello list, openSUSE Tumbleweed (KDE Plasma) NetworkManager-1.16.0-1.1.x86_64 NetworkManager-openvpn-1.8.10-1.1.x86_64 with this openvpn configuration: > [vpn] > auth= > ca= > cipher= > comp-lzo=adaptive > connection-type=password > float=no > mssfix=no > password-

OpenVPN + PKCS#11

Hi! I'm trying to setup an OpenVPN connection with NetworkManager using a PKCS#11 token as the client certificate storage. As far as I understand after some googling, it's not possible to setup such a config with GUI (at least #1218335 states so), but the "pkcs11:" schema is supported

Re: Problem importing OpenVPN profile in Linux Mint 18.3 x64 cinnamon

openvpn directly until the plugin supports the option. I doubt that private tunnel is the only service using this option, so I suspect others are also encountering it and adding support to the plugin should be done at some point. Maybe it's a pain point for many user. But I never saw a feature

Re: Problem importing OpenVPN profile in Linux Mint 18.3 x64 cinnamon

ptop out > of > the office I believe I can live with continuing to use openvpn > directly > until the plugin supports the option. I doubt that > private > tunnel is the only service using this option, so I suspect others > are > also encountering it and adding support to the plugin s

Re: Problem importing OpenVPN profile in Linux Mint 18.3 x64 cinnamon

that argument is required in your setup. For example, (as you said, plain openvpn works) by running openvpn with the ovpn without the option. best, Thomas Per your suggestion I tried using openvpn with the edited file and as expected it fails to connect. So the appears to be required to initialize

Re: Problem importing OpenVPN profile in Linux Mint 18.3 x64 cinnamon

server configuratoin. Enable debug > > logging > > and see why the connection failed. > > > > Since NM does not support the argument, you should > > investigate whether that argument is required in your setup. For > > example, (as you said, plain openvpn wo

Re: Problem importing OpenVPN profile in Linux Mint 18.3 x64 cinnamon

, but whether the settings are correct depends very much on your server configuratoin. Enable debug logging and see why the connection failed. Since NM does not support the argument, you should investigate whether that argument is required in your setup. For example, (as you said, plain openvpn works

Re: Problem importing OpenVPN profile in Linux Mint 18.3 x64 cinnamon

wrong, but whether the settings are correct depends very much on your server configuratoin. Enable debug logging and see why the connection failed. Since NM does not support the argument, you should investigate whether that argument is required in your setup. For example, (as you said, plain openvpn

Re: Problem importing OpenVPN profile in Linux Mint 18.3 x64 cinnamon

ortunately, this failed. Looking in /var/log/syslog I found the following: ... Feb 20 16:21:48 Z560 nm-openvpn[21289]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Feb 20 16:21:48 Z560 nm-openvpn[21289]: TLS Error: TLS handshake failed Feb 20 16:

Re: Problem importing OpenVPN profile in Linux Mint 18.3 x64 cinnamon

r/log/syslog I found the > following: ... > Feb 20 16:21:48 Z560 nm-openvpn[21289]: TLS Error: TLS key > negotiation > failed to occur within 60 seconds (check your network connectivity) > Feb 20 16:21:48 Z560 nm-openvpn[21289]: TLS Error: TLS handshake > failed > Feb 20 16:21:48 Z

Re: Problem importing OpenVPN profile in Linux Mint 18.3 x64 cinnamon

0904] vpn-connection[0x132d270,03cba5d7-57df-4bd8-b5d3-24c3f24013d7,"Private Tunnel - Ashburn",0]: Saw the service appear; activating connection Feb 20 16:20:48 Z560 NetworkManager[1008]: nm-openvpn-Message: openvpn[21289] started Feb 20 16:20:48 Z560 NetworkManager[1008]: [151916

Re: Problem importing OpenVPN profile in Linux Mint 18.3 x64 cinnamon

Thomas Haller wrote: On Thu, 2018-02-15 at 14:24 -0500, David H. Durgee wrote: Hi, I am running Linux Mint 18.3 x64 cinnamon and have the OpenVPN plugin installed with network manager. I have an OpenVPN profile from Private Tunnel that I use with no problems on my phone with the OpenVPN

Re: Problem importing OpenVPN profile in Linux Mint 18.3 x64 cinnamon

On Thu, 2018-02-15 at 14:24 -0500, David H. Durgee wrote: Hi, > I am running Linux Mint 18.3 x64 cinnamon and have the OpenVPN > plugin > installed with network manager. I have an OpenVPN profile from > Private > Tunnel that I use with no problems on my phone with the OpenVPN &

Problem importing OpenVPN profile in Linux Mint 18.3 x64 cinnamon

I am running Linux Mint 18.3 x64 cinnamon and have the OpenVPN plugin installed with network manager.  I have an OpenVPN profile from Private Tunnel that I use with no problems on my phone with the OpenVPN Connect app.  I can also use the profile at the terminal window in LM 18.3 successfully

Re: Format of the OpenVPN file

On Thu, 2017-12-28 at 10:35 +, Guillaume Betous wrote: > Hi, > > I have an openvpn setup which works fine on command-line. I have a > single file which contains inline keys. > > When I try to import it on network-manager (not sure of the version, > but I run Ubuntu 17

Re: Format of the OpenVPN file

Are you feeding your config file to openvpn binary on the command line? I suspect OpenVPN and NM have different config formats and NM expects NM-exported file. Here's an example of OpenVPN connection, exported from NM (I simply exported mine), try adopting it to your needs: client remote

Format of the OpenVPN file

Hi, I have an openvpn setup which works fine on command-line. I have a single file which contains inline keys. When I try to import it on network-manager (not sure of the version, but I run Ubuntu 17.10), I have an error with message like "cannot read or does not contain known VPN data /

Re: NetworkManager OpenVPN DNS returns REFUSED

On Thu, 2017-03-23 at 09:54 +0100, Beniamino Galvani wrote: > Which dnsmasq version are you using? There was a bug in the way > dnsmasq cached sockets for queries that caused problems when the VPN > interface is recreated by kernel with a different ifindex; see [1] [2] > for more details. This

Re: NetworkManager OpenVPN DNS returns REFUSED

On Thu, 2017-03-23 at 09:54 +0100, Beniamino Galvani wrote: > > What does it mean that the local DNS service is returning REFUSED?  How > > can I debug this further?  Or, does anyone know how to fix it? > > You can enable logging of queries in dnsmasq with: > >  echo log-queries >

Re: NetworkManager OpenVPN DNS returns REFUSED

On Wed, Mar 22, 2017 at 08:19:32PM -0400, Paul Smith wrote: > Hi all. I'm having a problem with DNS servers over openvpn. I use > NetworkManager to configure (via openvpn config file import) and > start/stop the VPN. I'm using Ubuntu GNOME 16.10, with: > > [...] > > I'v

NetworkManager OpenVPN DNS returns REFUSED

Hi all. I'm having a problem with DNS servers over openvpn. I use NetworkManager to configure (via openvpn config file import) and start/stop the VPN. I'm using Ubuntu GNOME 16.10, with: network-manager 1.2.6-0ubuntu1 network-manager-openvpn   1.2.6-2ubuntu1 network

Re: openvpn: embedding pkcs12 into ovpn config

s like NM openvpn is just missing a step here when it extracts the embedded cert into a file. I've filed https://bugzilla.gnome.org/show_bug.cgi?id=780251 about this. Cheers! ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.

openvpn: embedding pkcs12 into ovpn config

I guess I'm not sure where to ask this, so I'll try here. I've been provided an ovpn file and a separate pkcs12 (p12) file. The ovpn file contains: pkcs12 /path/to/my.p12 I am using Ubuntu 16.10 and I have network-manager-openvpn-gnome, network-manager-openvpn, and openvpn itself all

Re: network manager does not lauch openvpn

On Tue, 2017-01-31 at 14:30 -0200, Ethy H. Brito wrote: > Hi all > > environment: Ubuntu 14.04 LTS (gnome) > > Left clicking NM at status bar, selecting VPN connections -> > myopenvpn does nothing. > > But I can start it from console like "nmcli c up id myopenvpn" > > Also I cannot shut it

network manager does not lauch openvpn

Hi all environment: Ubuntu 14.04 LTS (gnome) Left clicking NM at status bar, selecting VPN connections -> myopenvpn does nothing. But I can start it from console like "nmcli c up id myopenvpn" Also I cannot shut it down from there, but i can from console. "/var/log/syslog" or dmesg are of

Re: [PATCH] openvpn: Add support for tls-crypt

On Sun, 2017-01-29 at 04:44 +0100, Pau Espin Pedrol wrote: > Signed-off-by: Pau Espin Pedrol > --- followed up on https://bugzilla.gnome.org/show_bug.cgi?id=68#c2 Thomas signature.asc Description: This is a digitally signed message part

[PATCH] openvpn: Add support for tls-crypt

Signed-off-by: Pau Espin Pedrol <pespin.s...@gmail.com> --- properties/import-export.c | 16 ++-- shared/utils.h | 1 + src/nm-openvpn-service.c | 14 +- 3 files changed, 20 insertions(+), 11 deletions(-) diff --git a/properties/import-export.c b/prop

Re: unable to use openvpn server which uses "push route..."

On Tue, 2017-01-24 at 21:17 +0900, Tomasz Chmielewski wrote: > On 2017-01-24 21:04, Thomas Haller wrote: > > in many common setups, the VPN gateway will forward whatever > > packets > > you send it. I don't agree that "would almost never work" is > > accu

Re: unable to use openvpn server which uses "push route..."

On 2017-01-24 21:04, Thomas Haller wrote: On Tue, 2017-01-24 at 09:55 +0900, Tomasz Chmielewski wrote: On 2017-01-24 03:05, Thomas Haller wrote: > > Please advise how to use NetworkManager for OpenVPN servers which > > are  > > not default gateways and which push their own r

Re: unable to use openvpn server which uses "push route..."

On Tue, 2017-01-24 at 09:55 +0900, Tomasz Chmielewski wrote: > On 2017-01-24 03:05, Thomas Haller wrote: > > > > Please advise how to use NetworkManager for OpenVPN servers which > > > are  > > > not default gateways and which push their own routes. > > >

Re: unable to use openvpn server which uses "push route..."

On 2017-01-24 01:55, Tomasz Chmielewski wrote: > On 2017-01-24 03:05, Thomas Haller wrote: > >>> Please advise how to use NetworkManager for OpenVPN servers which >>> are >>> not default gateways and which push their own routes. >> >> wh

Re: unable to use openvpn server which uses "push route..."

On 2017-01-24 03:05, Thomas Haller wrote: Please advise how to use NetworkManager for OpenVPN servers which are  not default gateways and which push their own routes. whether the VPN gets the default route, depends on the (inverse) "ipv4.never-default" setting. See `nmcli conne

Re: unable to use openvpn server which uses "push route..."

oute 10.12.0.0 255.255.255.0" > > # testing3 > push "route 10.13.1.0 255.255.255.0" > > > The same config file works correctly with command line openvpn on > Linux  > (openvpn --config some.conf), with OpenVPN client for Windows, with  > OpenVPN clien

unable to use openvpn server which uses "push route..."

config file works correctly with command line openvpn on Linux (openvpn --config some.conf), with OpenVPN client for Windows, with OpenVPN client for Mac (TunnelBlick), with OpenVPN clients for Android and iOS - the routes are pushed to the clients. However, it does not work when the config is i

Re: How to avoid using policy kit with openvpn

I just noticed that I inserted that "Ping started to work" after wrong message chain. That must have been pretty confusing. I'm not worried about OpenVPN at the moment. It seems working quite well now. As I told before, problem was triggered uncompressing cert archive so that it pro

Re: How to avoid using policy kit with openvpn

2016-12-15 18:41 GMT+02:00 Dan Williams : > > *route add default dev eth0 metric 99* > > So, everything is fine! > > That implies that the default route was not set up correctly > beforehand. What's the output of "ip route" before you add that > default route? > Yes, there was

Re: How to avoid using policy kit with openvpn

inen <matti.kaasi...@gmail.com>: > > > > > Lubomir, Dan, > > I found what triggers this issue. I don't know what the reason is, > > though! > > It has nothing to do with NetworkManager. > > > > The trigger: > > 1) I load openvpn

Re: How to avoid using policy kit with openvpn

n is, though! > It has nothing to do with NetworkManager. > > The trigger: > 1) I load openvpn cert as zipped tar archive to root. > 2) I uncompress/untar the archive that creates /etc/openvpn directory with > openvpn cert/config files, user = original user. > There is no way

Re: How to avoid using policy kit with openvpn

Lubomir, Dan, I found what triggers this issue. I don't know what the reason is, though! It has nothing to do with NetworkManager. The trigger: 1) I load openvpn cert as zipped tar archive to root. 2) I uncompress/untar the archive that creates /etc/openvpn directory with openvpn cert/config

Re: How to avoid using policy kit with openvpn

; Please enable eavesdropping on the system bus: > https://wiki.ubuntu.com/DebuggingDBus#How_to_monitor_the_system_bus > > And then monitor the actual bus traffic before starting the "openvpn > service" (is that the NM VPN plugin?) and after starting it and look > out for

Re: OpenVPN and avoiding default route

Hi, On Tue, 2016-11-29 at 17:48 +0100, Anders Blomdell wrote: > On 2016-11-29 15:40, Thomas Haller wrote: > > On Tue, 2016-11-29 at 15:03 +0100, Anders Blomdell wrote: > > > > > > > > > First attempt of OpenVPN pull request in the RFE. > > >

Re: OpenVPN and avoiding default route

On 2016-11-29 15:40, Thomas Haller wrote: > On Tue, 2016-11-29 at 15:03 +0100, Anders Blomdell wrote: > >> >>> First attempt of OpenVPN pull request in the RFE. >>> NetworkManager should probably be modified to parse "redirect- >>> gateway/redir

Re: OpenVPN and avoiding default route

On Tue, 2016-11-29 at 15:03 +0100, Anders Blomdell wrote: > > > First attempt of OpenVPN pull request in the RFE. > > NetworkManager should probably be modified to parse "redirect- > > gateway/redirect-private" > > while importing .ovpn files, pointer

Re: OpenVPN and avoiding default route

On 2016-11-28 18:13, Anders Blomdell wrote: > > > On 2016-11-28 14:21, Anders Blomdell wrote: >> >> >> On 2016-11-25 18:42, Thomas Haller wrote: >>> On Fri, 2016-11-25 at 17:08 +0100, Anders Blomdell wrote: >>>> Would it make sense t

Re: OpenVPN and avoiding default route

On 2016-11-28 14:21, Anders Blomdell wrote: > > > On 2016-11-25 18:42, Thomas Haller wrote: >> On Fri, 2016-11-25 at 17:08 +0100, Anders Blomdell wrote: >>> Would it make sense to let the OpenVPN server disable default-routing >>> in network manager, for in

Re: OpenVPN and avoiding default route

On 2016-11-25 18:42, Thomas Haller wrote: > On Fri, 2016-11-25 at 17:08 +0100, Anders Blomdell wrote: >> Would it make sense to let the OpenVPN server disable default-routing >> in network manager, for instance >> by checking if a 'push "route-gateway x.y.z.w"' h

Re: NM 1.2.4: Problem with OpenVPN DNS lookups after Ubuntu 16.10 upgrade

On Fri, 2016-11-25 at 16:44 -0500, Paul Smith wrote: > Can anyone tell me how to investigate / debug this issue?  My > /etc/resolv.conf has: > >   # Dynamic resolv.conf(5) file for glibc resolver(3) generated by > resolvconf(8) >   # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE >

OpenVPN and avoiding default route

Would it make sense to let the OpenVPN server disable default-routing in network manager, for instance by checking if a 'push "route-gateway x.y.z.w"' has been done from the server? I mena smething like this, (nm-openvpn-service-openvpn-helper.c): /* Internal VPN subn

Re: How to avoid using policy kit with openvpn

t is told in that unit file that: > > Alias=dbus-org.freedesktop.Avahi.service. > > > > > In fact, it seems that any operations using dbus (NTP, avahi...) have > problems after starting openvpn service and it does not vanish if I stop > it. So, it seems that either openvpn sevice

Re: How to avoid using policy kit with openvpn

it seems that any operations using dbus (NTP, avahi...) have problems after starting openvpn service and it does not vanish if I stop it. So, it seems that either openvpn sevice (or possibly NM) creates policy some policy kit rule that does not vanish when I disabl

Re: How to avoid using policy kit with openvpn

problems. > So, does NetworkManager or somebody else keep some data regarding OpenVPN > set-up even though its been disabled. If so, would it be better managing > OpenVPN connection with NetworkManager (-plugin) than using openvpn.service > for that. Also is openvpn-plugin build auto

Re: How to avoid using policy kit with openvpn

2016-11-23 19:31 GMT+02:00 matti kaasinen : > 2016-11-23 18:13 GMT+02:00 Dan Williams : > >> If these are single-user systems, you can rebuild NM with PolicyKit >> disabled so that it never validates requests against PolicyKit. >> > I'll try rebuilding

Re: How to avoid using policy kit with openvpn

avahi). Also these problems did not disappear when I disabled openvpn.service and booted card. Same goes with modem problems. So, does NetworkManager or somebody else keep some data regarding OpenVPN set-up even though its been disabled. If so, would it be better managing OpenVPN connection with Ne

Re: How to avoid using policy kit with openvpn

On Wed, 2016-11-23 at 17:25 +0200, matti kaasinen wrote: > Version information: > OpenVPN: 2.3.8 > NetworkManager: 1.0.10 > ModemManager 1.4.12 > Dbus-daemon:1.10.6 If these are single-user systems, you can rebuild NM with PolicyKit disabled so that it never validates requests ag

Re: How to avoid using policy kit with openvpn

Version information: OpenVPN: 2.3.8 NetworkManager: 1.0.10 ModemManager 1.4.12 Dbus-daemon:1.10.6 2016-11-23 16:37 GMT+02:00 matti kaasinen <matti.kaasi...@gmail.com>: > Hi! > > I do have kind of manager of NetworkManager who amongst of other things > tries to connect m

How to avoid using policy kit with openvpn

Hi! I do have kind of manager of NetworkManager who amongst of other things tries to connect modem automatically because my devices are embedded cards located somewhere in nowhere. These cards communicate to server through OpenVpn tunnel. This modem connection process worked quite well untill I

Re: [network-manager-openvpn] Problem adding vpn file from my provider FrootVPN.

On Thu, Oct 27, 2016 at 08:15:20PM +0200, Vicente Herrera Cobo wrote: > Regards to all, > > by adding a specified ovpn file from my provider get the following > error: "Error: configuration error: unsupported blob/xml element (line > 104)." > > Line 104: "&quo

[network-manager-openvpn] Problem adding vpn file from my provider FrootVPN.

Regards to all, by adding a specified ovpn file from my provider get the following error: "Error: configuration error: unsupported blob/xml element (line 104)." Line 104: "" Attachment screenshot and ovpn file. Thanks for your attention. client dev tun resolv-retry infinite nobind persist-key

Re: two dhcp-option (openvpn)

t; > The order given was: > > public internet DNS > private VPN DNS > > In the log from NetworkManager only the second one shows up as being  > added to DNSmasq via dbus. As a consequence, since the local > resolv.conf  > points to 127.0.1.1, his names do not resolve. &

two dhcp-option (openvpn)

NetworkManager only the second one shows up as being added to DNSmasq via dbus. As a consequence, since the local resolv.conf points to 127.0.1.1, his names do not resolve. Using OpenVPN directly caused the connection to succeed as normal with two elements written to /etc/resolv.conf apparently

Re: OpenVPN connection loses static route after SIGUSR1

y on the client [0]. > If I send a SIGUSR1 (forced server ping-restart trigger) to the > openvpn process, the static route pushed by the server is missing in > the clients route configuration [1]. > > The static route is pushed in both cases by the server, I can verify > this on client

OpenVPN connection loses static route after SIGUSR1

) to the openvpn process, the static route pushed by the server is missing in the clients route configuration [1]. The static route is pushed in both cases by the server, I can verify this on client and on server side. Where do we lose this information? What I can see is that the helper application nm-openvpn

Re: openvpn cmdline communication to NM

On Tue, Jun 14, 2016 at 10:57 AM, Thomas Haller wrote: > It would need a more elaborate scheme to report warnings back to the > calling application. I can report that, as an end-user, NM is a complete mystery when anything doesn't work. So +1000 votes for some feedback

Re: openvpn cmdline communication to NM

On Tue, 2016-06-14 at 10:47 -0400, Martin Langhoff wrote: > On Tue, Jun 14, 2016 at 10:33 AM, Thomas Haller <thal...@redhat.com> > wrote: > > > > Also, import silently ignores unknown values from the file. > > https://git.gnome.org/browse/network-manager-openv

Re: openvpn cmdline communication to NM

On Tue, Jun 14, 2016 at 10:33 AM, Thomas Haller <thal...@redhat.com> wrote: > Also, import silently ignores unknown values from the file. > https://git.gnome.org/browse/network-manager-openvpn/tree/properties/import-export.c?id=96081a2c2e05f64d89433d150053291516bddd5e#n1409 > Mayb

Re: openvpn cmdline communication to NM

On Tue, 2016-06-14 at 08:22 -0400, Martin Langhoff wrote: > Hi Thomas, > > thanks for the explanation. It generally matches my understanding of > the world :-) > > The odd thing is: this is a vanilla client connection, all the > details > are in ovpn file, I am conne

Re: openvpn cmdline communication to NM

Hi Thomas, thanks for the explanation. It generally matches my understanding of the world :-) The odd thing is: this is a vanilla client connection, all the details are in ovpn file, I am connecting to OpenVPN servers. Import works, but the connection fails to connect. Debugging it is, um

Re: openvpn cmdline communication to NM

On Mon, 2016-06-13 at 12:46 -0400, Martin Langhoff wrote: > Hi List! > > is there a practical way to get openvpn commandline to talk to NM to > have NM update resolv.conf with the DNS settings coming from the VPN > endpoint? > > I regularly find in the field openvpn setups

openvpn cmdline communication to NM

Hi List! is there a practical way to get openvpn commandline to talk to NM to have NM update resolv.conf with the DNS settings coming from the VPN endpoint? I regularly find in the field openvpn setups which refuse to work well with NM's openvpn support. Sometimes I can file the relevant bugs

Re: Allow Single connection only via networkmanager-openvpn (reuse tun0?)

On Fri, 2016-04-15 at 15:24 +0200, Dave Conroy wrote: > You are right, a Pre Activaition would solve the issue. I spent the > past > 2 hours working with the pre-up and vpn-up statuses and found that > the > tun0 device wouldn't release properly as the openvpn binary is >

Re: Allow Single connection only via networkmanager-openvpn (reuse tun0?)

You are right, a Pre Activaition would solve the issue. I spent the past 2 hours working with the pre-up and vpn-up statuses and found that the tun0 device wouldn't release properly as the openvpn binary is launched before the hook is triggered. Fun exercise though. However, all is not lost

Re: Allow Single connection only via networkmanager-openvpn (reuse tun0?)

c VPN > > connection, > > the former gets automatically disconnected? > > > > No, NetworkManager doesn't have a concept of ~conflicting~ > > connections. > > When you activate connection A, you'd have to manually disconnect > > connection B. > &

Re: Allow Single connection only via networkmanager-openvpn (reuse tun0?)

oncept of ~conflicting~ connections. > When you activate connection A, you'd have to manually disconnect > connection B. > > >> I've made the change to no success to >> /etc/NetworkManager/VPN/openvpn-service.name >> supports-multiple-connections=false >> Yet

Re: Allow Single connection only via networkmanager-openvpn (reuse tun0?)

a concept of ~conflicting~ connections. When you activate connection A, you'd have to manually disconnect connection B. > I've made the change to no success to > /etc/NetworkManager/VPN/openvpn-service.name > supports-multiple-connections=false > Yet it still connects mul

Allow Single connection only via networkmanager-openvpn (reuse tun0?)

the change to no success to /etc/NetworkManager/VPN/openvpn-service.name supports-multiple-connections=false Yet it still connects multiple locations without disconnecting the previous connection. Furthermore, I've set it to specifically use tun0 for my connections yet upon trying to load another

Re: OpenVPN isolation using NetworkNamespaces

On Sat, 2016-04-02 at 21:49 +0200, Stjepan Groš wrote: > On 30.03.2016 17:26, Thomas Haller wrote: > > Hi, > > > > > > > > > 6. Certain aspects of NMManager are global for every network > > > > > namespace, others are not. For example, sleeping state (or > > > > > should > > > > > it > > > > >

Re: OpenVPN isolation using NetworkNamespaces

On 30.03.2016 17:26, Thomas Haller wrote: > Hi, > > 6. Certain aspects of NMManager are global for every network namespace, others are not. For example, sleeping state (or should it be separate for every network namespace so that some network namespaces can be suspended?).

Re: OpenVPN isolation using NetworkNamespaces

Hi, On Wed, 2016-03-30 at 16:22 +0200, Stjepan Groš wrote: > On 29.03.2016 14:10, Thomas Haller wrote: > > On Tue, 2016-03-29 at 13:13 +0200, Stjepan Groš wrote: > > > On 29.03.2016 12:52, Thomas Haller wrote: > > > > On Sat, 2016-02-27 at 09:34 +0100, Stjepan Groš wrote: > > > > > Hi! > > > >

Re: OpenVPN isolation using NetworkNamespaces

On 29.03.2016 14:10, Thomas Haller wrote: > On Tue, 2016-03-29 at 13:13 +0200, Stjepan Groš wrote: >> On 29.03.2016 12:52, Thomas Haller wrote: >>> On Sat, 2016-02-27 at 09:34 +0100, Stjepan Groš wrote: Hi! >>> Hi Stjepan, >>> >>> after the changes done to master, I took your MIF branch, and

Re: OpenVPN isolation using NetworkNamespaces

On Tue, 2016-03-29 at 13:13 +0200, Stjepan Groš wrote: > On 29.03.2016 12:52, Thomas Haller wrote: > > On Sat, 2016-02-27 at 09:34 +0100, Stjepan Groš wrote: > > > Hi! > > Hi Stjepan, > > > > after the changes done to master, I took your MIF branch, and re- > > merged  > > master into it. The

Re: OpenVPN isolation using NetworkNamespaces

On 29.03.2016 12:52, Thomas Haller wrote: > On Sat, 2016-02-27 at 09:34 +0100, Stjepan Groš wrote: >> Hi! > Hi Stjepan, > > after the changes done to master, I took your MIF branch, and re-merged > master into it. The result is here: > >

Re: OpenVPN isolation using NetworkNamespaces

On Sat, 2016-02-27 at 09:34 +0100, Stjepan Groš wrote: > Hi! Hi Stjepan, after the changes done to master, I took your MIF branch, and re-merged master into it. The result is here: https://cgit.freedesktop.org/NetworkManager/NetworkManager/log/?h=th/mif I didn't actually test it, so don't

OpenVPN isolation using NetworkNamespaces

mespaces (event of new device, event of removal of existing device) this process must be asynchronous and so we have to wait. this parameter defines the maximum wait time. Trygin this with OpenVPN works for me. But, as usuall, this is very likely full of bugs and there are lot of missing feat

IP configuration is useless with openvpn

Hi, My OpenVPN provider gives ipv6 connectivity. The IP configuration is not pushed to client by the server. So, when I connect to the vpn, the openvpn plugin send no ipv6 configuration to network manager :   NetworkManager[3236]:   No IPv6 configuration With the openvpn client, it can

Re: IP configuration is useless with openvpn

On Wed, 2016-02-10 at 17:16 +0100, Anthony Bourguignon wrote: > Hi, > > My OpenVPN provider gives ipv6 connectivity. The IP configuration is > not pushed to client by the server. So, when I connect to the vpn, > the > openvpn plugin send no ipv6 configuration

Re: Simplify OpenVPN blob handling

On Tue, 2016-01-26 at 11:51 +, David Woodhouse wrote: > It does even make a little bit of sense, if the most sensitive item > on the computer in question *is* the VPN certificate That would certainly be the case for my VPN setup... it's just there so I can access the work network from my

Re: Simplify OpenVPN blob handling

>OTOH if she is keeping her cert deliberately secure on an encrypted USB >storage device, and it gets copied to the unencrypted hard drive, she >might not be able to connect tomorrow because she's been *fired* for >this breach of security policy. What kind of security policy requires you to

  1   2   3   4   5   6   7   >