Re: Link-Local Only option not available on NetworkManager

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Nov 8, 2018 at 8:04 PM Rick Stevens <ricks@xxxxxxxxxxxxxx> wrote:
> >
> > I am trying to configure a VPN-L2TP network via NetworkManager. To
> > accomplish that, I need to have the option
> >
> > "Link-Local Only"
> >
> > on the IPv6 settings, but unfortunately such an option is not
> > available. Any ideas?
>
> You could (as root):
>
>         1. Run "nmcli connections show" and find the UUID of the VPN
>         connection you want to bugger.
>
>         2. Run "nmcli connection edit <UUID>" to edit the connection.
>
>         3. Enter "set ipv6.method link-local" at the "nmcli>" prompt to
>         change it to link-local.
>
>         4. Type "save" at the "nmcli>" prompt to save the updated
>         connection.
>
>         5. Type "quit" at the "nmcli>" prompt to exit the editor.
>
> That oughta do it. And no, the GUI doesn't offer this setting that I can
> find. Both IPV4 and IPV6 default to "method: auto".

Thanks, Rick, for your precious help. It worked! However, when I try
to establish the VPN, I get the problems below. I guess that is
related to Selinux. What do you think?

Paul

-----------------

Nov 08 20:26:38 xhost NetworkManager[8715]: <info>  [1541708798.0692]
audit: op="connection-activate"
uuid="8235f185-3bc9-434e-b6de-4e2bbd42d18d" name="VPN connection 1"
pid=12579 uid=1000 >
Nov 08 20:26:38 xhost NetworkManager[8715]: <info>  [1541708798.0772]
vpn-connection[0x556296d9a570,8235f185-3bc9-434e-b6de-4e2bbd42d18d,"VPN
connection 1",0]: Started the VPN service, PID >
Nov 08 20:26:38 xhost NetworkManager[8715]: <info>  [1541708798.0890]
vpn-connection[0x556296d9a570,8235f185-3bc9-434e-b6de-4e2bbd42d18d,"VPN
connection 1",0]: Saw the service appear; activ>
Nov 08 20:26:38 xhost NetworkManager[8715]: <info>  [1541708798.2128]
vpn-connection[0x556296d9a570,8235f185-3bc9-434e-b6de-4e2bbd42d18d,"VPN
connection 1",0]: VPN connection: (ConnectInter>
Nov 08 20:26:38 xhost nm-l2tp-service[12623]: Check port 1701
Nov 08 20:26:38 xhost NetworkManager[8715]: Stopping strongSwan IPsec
failed: starter is not running
Nov 08 20:26:40 xhost NetworkManager[8715]: Starting strongSwan 5.7.1
IPsec [starter]...
Nov 08 20:26:40 xhost NetworkManager[8715]: charon is already running
(/var/run/charon.pid exists) -- skipping daemon start
Nov 08 20:26:40 xhost NetworkManager[8715]: Loading config setup
Nov 08 20:26:40 xhost NetworkManager[8715]: Loading conn
'8235f185-3bc9-434e-b6de-4e2bbd42d18d'
Nov 08 20:26:40 xhost ipsec_starter[12644]: Starting strongSwan 5.7.1
IPsec [starter]...
Nov 08 20:26:40 xhost ipsec_starter[12644]: charon is already running
(/var/run/charon.pid exists) -- skipping daemon start
Nov 08 20:26:40 xhost ipsec_starter[12644]: Loading config setup
Nov 08 20:26:40 xhost ipsec_starter[12644]: Loading conn
'8235f185-3bc9-434e-b6de-4e2bbd42d18d'
Nov 08 20:26:40 xhost NetworkManager[8715]: found netkey IPsec stack
Nov 08 20:26:40 xhost ipsec_starter[12644]: found netkey IPsec stack
Nov 08 20:26:40 xhost charon[4192]: 13[CFG] rereading secrets
Nov 08 20:26:40 xhost charon[4192]: 13[CFG] loading secrets from
'/etc/strongswan/ipsec.secrets'
Nov 08 20:26:40 xhost charon[4192]: 13[CFG] loading secrets from
'/etc/strongswan/ipsec.d/nm-l2tp-ipsec-8235f185-3bc9-434e-b6de-4e2bbd42d18d.secrets'
Nov 08 20:26:40 xhost charon[4192]: 13[CFG]   loaded IKE secret for %any
Nov 08 20:26:40 xhost charon[4192]: 13[CFG] loading secrets from
'/etc/strongswan/ipsec.d/nm-l2tp-ipsec-c79095eb-1ad5-43ea-859a-8d9a71c2ddd3.secrets'
Nov 08 20:26:40 xhost charon[4192]: 13[CFG]   loaded IKE secret for %any
Nov 08 20:26:40 xhost charon[4192]: 01[CFG] received stroke: initiate
'8235f185-3bc9-434e-b6de-4e2bbd42d18d'
Nov 08 20:26:40 xhost charon[4192]: 01[CFG] no config named
'8235f185-3bc9-434e-b6de-4e2bbd42d18d'
Nov 08 20:26:40 xhost NetworkManager[8715]: no config named
'8235f185-3bc9-434e-b6de-4e2bbd42d18d'
Nov 08 20:26:40 xhost audit[12672]: AVC avc:  denied  { write } for
pid=12672 comm="stroke" path="pipe:[168313]" dev="pipefs" ino=168313
scontext=system_u:system_r:ipsec_t:s0 tcontext=syst>
Nov 08 20:26:40 xhost NetworkManager[8715]: Stopping strongSwan IPsec...
Nov 08 20:26:40 xhost audit[12674]: AVC avc:  denied  { signal } for
pid=12674 comm="strongswan" scontext=system_u:system_r:ipsec_mgmt_t:s0
tcontext=system_u:system_r:ipsec_t:s0 tclass=pro>
Nov 08 20:26:48 xhost charon[4192]: 10[IKE] sending keep alive to
122.111.25.141[4500]
Nov 08 20:26:51 xhost audit[12674]: AVC avc:  denied  { sigkill } for
pid=12674 comm="strongswan" scontext=system_u:system_r:ipsec_mgmt_t:s0
tcontext=system_u:system_r:ipsec_t:s0 tclass=pr>
Nov 08 20:26:51 xhost nm-l2tp-service[12623]:
g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
Nov 08 20:26:51 xhost NetworkManager[8715]: <info>  [1541708811.8303]
vpn-connection[0x556296d9a570,8235f185-3bc9-434e-b6de-4e2bbd42d18d,"VPN
connection 1",0]: VPN plugin: state changed: st>
Nov 08 20:26:51 xhost NetworkManager[8715]: <info>  [1541708811.8336]
vpn-connection[0x556296d9a570,8235f185-3bc9-434e-b6de-4e2bbd42d18d,"VPN
connection 1",0]: VPN service disappeared
Nov 08 20:26:51 xhost NetworkManager[8715]: <warn>  [1541708811.8348]
vpn-connection[0x556296d9a570,8235f185-3bc9-434e-b6de-4e2bbd42d18d,"VPN
connection 1",0]: VPN connection: failed to con>
Nov 08 20:27:08 xhost charon[4192]: 07[IKE] sending keep alive to
122.111.25.141[4500]
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx



[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux