On 10/1/06, Matthew Saltzman <[EMAIL PROTECTED]> wrote:
> On Sun, 1 Oct 2006, Dan Williams wrote:
>
> > On Fri, 2006-09-29 at 00:17 -0400, Golam Mortuza Hossain wrote:
> >>
> >> Would it be possible to have an association for a given VPN connection
> >> with a given SSID? So if defined by user, nm would also auto-connect to
> >> VPN after connecting to the given SSID.
> >
> > Good point. We had considered auto-connecting VPN in the early stages
> > of NM but that got dropped for various reasons. It's now time to
> > revisit that. Your suggestion sounds spot-on. But let's generalize
> > that to associating a VPN connection with an NM Configuration (ie, a
> > collection of settings describing a specific network connection). I'd
> > probably want to use a VPN over Bluetooth to my phone which connects to
> > Sprint using PPP, if just to access my Red Hat email from the middle of
> > Wisconsin, for example.
> >
> > Meanwhile, if we really wanted this soon, we could make NM reconnect the
> > VPN automatically when the connection drops, but not if you explicitly
> > disabled it. Somewhat harder than it looks because connection drops
> > aren't always distinguishable from other circumstances, but certainly
> > doable.
>
> Unless I miss something, there are a couple of very different use cases
> here: (1) I'm on my own campus and wireless connections to the campus net
> must be made through a VPN because WEP is deemed insecure. (2) I'm away
> from my own campus (possibly anywhere) and must connect to the campus net
> via VPN to reach firewalled resources.
>
> For the former case, configuring VPN connect-on-start is a reasonable
> solution, and it's known that if VPN-on-start is set then VPN-on-reconnect
> is the right thing to do.
>
> For the latter case, one really wants some sort of automatic
> reconnect-in-last-state. I connect to lots of WAPs, but I only use my VPN
> if I need to get to university-internal stuff behind the firewall. If I
> were connected via VPN and the connection dropped, I'd want to
> re-establish the VPN connection automatically, but I don't want to set it
> to start or not per access point. (Some people may want that feature and
> that's fine, but I'd leave VPN off by default on all my connections for
> which case 1 doesn't apply.)
> How would it work to say this: If the last state when connected was VPN
> up and you reconnect to the same SSID within some time period (order of a
> few minutes, maybe settable), then restart the VPN on reconnection.
Hi Matthew,
OK! I see your point. In fact, I go through the same situation
everyday :-) I think, what Dan has suggested i.e.
"associating a VPN connection with an NM Configuration (ie, a
collection of settings describing a specific network connection)."
can take care of this also. I mean for APs within campus
(case 1), one should set
"vpn::connection=always-on".
Otherwise (case 2), as you suggested, the default setting should be
"vpn::connection=on
if (connecting-to-last-active-ap AND last-state-had-active-vpn)".
Note, there is no need to check for any time period. Because,
above conditions give identical situation compared to the
situation when there were no drop in wireless connection.
I mean, if there were no drop in connection then you would normally
(1) connect to VPN; (2) access your campus-stuffs;
(3) disconnect vpn. With above condition for "vpn::connection",
you would have exactly same situation irrespective of whether there
were any drop in wireless connections or not.
Cheers,
Golam
_______________________________________________
NetworkManager-list mailing list
[email protected]
http://mail.gnome.org/mailman/listinfo/networkmanager-list
