Re: Openvpn Configuration/Access Issue

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 26/02/16 19:36, Ed Greshko wrote:


On 02/26/16 15:58, Stephen Morris wrote:

On 26/02/16 08:42, Rick Stevens wrote:

On 02/25/2016 01:35 PM, Stephen Morris wrote:

Hi,

      I am trying to my vpn service provider using instructions they
provide for Ubuntu Mint as the only information they provide for Linux.
When I go into Networkmanager and create a new Openvpn connection and
try to connect to it, I get a popup saying the connection failed and one
of the messages seems to be indicating that I am missing a plugin.

      As far as I can see I have every Networkmanager vpn plugin
installed, so I am at a loss trying to understand the message. Is
anybody able to shed any light on what/where I need to look to try to
identify what the connection issues are?

Please include the EXACT error message you're getting. It may not be
a NetworkMangler plugin you're missing--rather an openvpn module or
OpenSSL module.

Below is all the messages appearing in the notification dialog when the connection
fails, in the order they are displayed from top to bottom.

Failed to activate connection
Device failed
Failed to deactivate connection
Connection updated
Missing VPN plugin
Failed to update connection
Connection removed
Connection added
Failed to remove connection
Failed to get secrets
Connection deactivated
Connection activated
Failed to add connection
Failed to request scan


If you do

journalctl -b 0 -l --unit=NetworkManager
I issued this command and found the following messages which means I will now need to play around with the configuration to resolve, particularly the certificate issue, as a certificate to use is specified in the client.
Feb 27 10:27:44 localhost.localdomain nm-openvpn[2542]: OpenVPN 2.3.10 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jan 4 2016 Feb 27 10:27:44 localhost.localdomain nm-openvpn[2542]: library versions: OpenSSL 1.0.2f-fips 28 Jan 2016, LZO 2.08 Feb 27 10:27:44 localhost.localdomain nm-openvpn[2542]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Feb 27 10:27:44 localhost.localdomain nm-openvpn[2542]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Feb 27 10:27:44 localhost.localdomain nm-openvpn[2542]: WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1557) Feb 27 10:27:44 localhost.localdomain nm-openvpn[2542]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay Feb 27 10:27:44 localhost.localdomain nm-openvpn[2542]: UDPv4 link local: [undef] Feb 27 10:27:44 localhost.localdomain nm-openvpn[2542]: UDPv4 link remote: [AF_INET]45.58.127.234:443 Feb 27 10:27:46 localhost.localdomain nm-openvpn[2542]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1614', remote='link-mtu 1557' Feb 27 10:27:46 localhost.localdomain nm-openvpn[2542]: WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1557', remote='tun-mtu 1500' Feb 27 10:27:46 localhost.localdomain nm-openvpn[2542]: [VPN] Peer Connection Initiated with [AF_INET]45.58.127.234:443 Feb 27 10:27:49 localhost.localdomain nm-openvpn[2542]: TUN/TAP device tun0 opened Feb 27 10:27:49 localhost.localdomain nm-openvpn[2542]: /usr/libexec/nm-openvpn-service-openvpn-helper --tun -- tun0 1557 1614 10.10.8.10 10.10.8.9 init 



Do you get better info?

Here is an example of a successful openvpn connection...

http://paste.fedoraproject.org/329720/47555814/


Is the information you have shown in the link above an excerpt from syslog?
Having found some information around how I need to configure the NetworkManager connection I now have the vpn connection working. The messages I have shown above that I didn't understand, was all because of my stupidity. The button I clicked on in the connection failure notification also shows the same thing when clicked on in the successful connection notification. What I now think it was, is that these are things that NetworkManager knows how to detect, and it was asking how I wanted notification of those messages if they occurred. Sorry for all the trouble I put people to due to my lack of understanding of something, that in hindsight should have been obvious to me as to what it was.
Having got the interface working, its performance potentially explains why the cost of lifetime membership was dropped from $1000US to $40US. 

--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux