Hi, then...below my new (NetworkManager-openvpn) confg file and client.conf (openvpn) config file:
debian# cat /etc/NetworkManager/system-connections/VPNconnection [connection] id=VPNconnection uuid=355653c0-34d3-4777-ad25-f9a498b7ef8e type=vpn autoconnect=FALSE [ipv4] method=auto [vpn] name=openvpn service-type=org.freedesktop.NetworkManager.openvpn remote=openvpn.xxx.xxxxx.it proto-udp=yes reneg-seconds=0 port=1194 ca=/etc/openvpn/certs/cacert.crt cert=/etc/openvpn/certs/xxxxxxxx-vpn.pem key=/etc/openvpn/certs/xxxxxxxxx-vpn-key.pem [ipv6] method=ignore debian# cat /etc/openvpn/client.conf client dev tun proto udp # This is the remote ip address and port of the VPN Server remote openvpn.xxx.xxxxxx.it resolv-retry infinite ping 10 ping-restart 60 nobind persist-key persist-tun ca certs/cacert.crt cert certs/xxxxxxxx-vpn.pem key certs/xxxxxxxxxx-vpn-key.pem verb 3 comp-lzo explicit-exit-notify 2 log-append /var/log/openvpn.log Now...after your changes, if i try to start vpn from NetworkManager i can see these logs: Nov 3 16:26:54 debian NetworkManager[2899]: <info> Starting VPN service 'openvpn'... Nov 3 16:26:54 debian NetworkManager[2899]: <info> VPN service 'openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 3296 Nov 3 16:26:54 debian NetworkManager[2899]: <info> VPN service 'openvpn' appeared; activating connections Nov 3 16:26:54 debian NetworkManager[2899]: <debug> [1320337614.716383] [nm-vpn-connection.c:902] get_secrets(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) requesting VPN secrets pass #1 Nov 3 16:26:54 debian NetworkManager[2899]: <debug> [1320337614.716961] [nm-agent-manager.c:1100] nm_agent_manager_get_secrets(): Secrets requested for connection /org/freedesktop/NetworkManager/Settings/5 (vpn) Nov 3 16:26:54 debian NetworkManager[2899]: <debug> [1320337614.717110] [nm-settings-connection.c:850] nm_settings_connection_get_secrets(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:3) secrets requested flags 0x80000000 hint '(null)' Nov 3 16:26:54 debian NetworkManager[2899]: <debug> [1320337614.720913] [nm-agent-manager.c:1015] get_start(): (0xfcba0/vpn) system settings secrets sufficient Nov 3 16:26:54 debian NetworkManager[2899]: <debug> [1320337614.721055] [nm-settings-connection.c:706] agent_secrets_done_cb(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:3) existing secrets returned Nov 3 16:26:54 debian NetworkManager[2899]: <debug> [1320337614.721154] [nm-settings-connection.c:712] agent_secrets_done_cb(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:3) secrets request completed Nov 3 16:26:54 debian NetworkManager[2899]: <debug> [1320337614.733265] [nm-settings-connection.c:751] agent_secrets_done_cb(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:3) new agent secrets processed Nov 3 16:26:54 debian NetworkManager[2899]: <debug> [1320337614.733906] [nm-vpn-connection.c:870] get_secrets_cb(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) asking service if additional secrets are required Nov 3 16:26:54 debian NetworkManager[2899]: <info> VPN plugin state changed: 1 Nov 3 16:26:54 debian NetworkManager[2899]: <info> Policy set 'MyConnection' (eth0) as default for IPv4 routing and DNS. Nov 3 16:27:00 debian NetworkManager[2899]: <info> VPN service 'openvpn' disappeared Nov 3 16:27:02 debian NetworkManager[2899]: <debug> [1320337622.2972] [nm-vpn-service.c:267] ensure_killed(): waiting for VPN service pid 3296 to exit Nov 3 16:27:02 debian NetworkManager[2899]: <debug> [1320337622.3592] [nm-vpn-service.c:269] ensure_killed(): VPN service pid 3296 cleaned up Thanks and Regards On Thu, Nov 3, 2011 at 4:03 PM, Francesco Andrisani < [email protected]> wrote: > Thanks a lot. But i'm not able to know all parameter to intert into my > /etc/NetworkManager/system-connections/VPNconnection. > > For example keyfile, certficate, ecc > > Please can you tell me how to find these informations (all parameters)? > > Thanks and regards > > > On Thu, Nov 3, 2011 at 3:51 PM, Dan Williams <[email protected]> wrote: > >> On Thu, 2011-11-03 at 10:26 +0100, Francesco Andrisani wrote: >> > Anothe DEBUG info: >> > >> > debian:/etc/NetworkManager# /usr/libexec/nm-openvpn-service --debug >> > ** Message: nm-openvpn-service (version 0.9.0) starting... >> > ** Message: real_need_secrets: connection >> > ------------------------------------- >> > connection >> > name : "connection" >> > id : "VPNconnection" (s) >> > uuid : "355653c0-34d3-4777-ad25-f9a498b7ef8e" (s) >> > type : "vpn" (s) >> > permissions : [] (sd) >> > autoconnect : FALSE (s) >> > timestamp : 0 (sd) >> > read-only : FALSE (sd) >> > >> > >> > ipv4 >> > name : "ipv4" >> > method : "auto" (s) >> > dns : [] (s) >> > dns-search : [] (sd) >> > addresses : [] (s) >> > routes : [] (s) >> > ignore-auto-routes : FALSE (sd) >> > ignore-auto-dns : FALSE (sd) >> > dhcp-client-id : NULL (sd) >> > dhcp-send-hostname : TRUE (sd) >> > dhcp-hostname : NULL (sd) >> > never-default : FALSE (sd) >> > may-fail : FALSE (sd) >> > >> > >> > ipv6 >> > name : "ipv6" >> > method : "ignore" (s) >> > dns : [] (s) >> > dns-search : [] (sd) >> > addresses : [] (s) >> > routes : [] (s) >> > ignore-auto-routes : FALSE (sd) >> > ignore-auto-dns : FALSE (sd) >> > never-default : FALSE (sd) >> > may-fail : TRUE (sd) >> > >> > >> > vpn >> > name : "vpn" >> > service-type : "org.freedesktop.NetworkManager.openvpn" (s) >> > user-name : NULL (sd) >> > data : [ { 'name': openvpn }, ] (s) >> > secrets : [ ] (s) >> >> So here's the problem; the [vpn] setting isn't completely specified. >> Did you import this connection from an openvpn config file? Unless this >> was changed at some point (or there's a bug in the editor) this >> connection was never valid since it doesn't have the required connection >> type field and a few other things. Here's what it *should* look like: >> >> [vpn] >> service-type=org.freedesktop.NetworkManager.openvpn >> connection-type=password >> password-flags=3 >> remote=ovpn.mycompany.com >> cipher=AES-256-CBC >> proto-tcp=yes >> reneg-seconds=0 >> port=443 >> username=dcbw >> ca=/home/dcbw/MyCA.pem >> >> or something along those lines. If you imported it from a config file, >> can you try doing that again? If it still looks like this, can you send >> me the config file so I can see what's going wrong? >> >> Dan >> >> > Regards >> > >> > >> > On Thu, Nov 3, 2011 at 10:12 AM, Francesco Andrisani >> > <[email protected]> wrote: >> > OK. >> > >> > So i've installed openvpn client on my workstation with >> > certificate authentication and...it work fine. >> > About NetworkManager-openvpn i've installed (from sources) >> > 0.9.0 version, the same of NetworkManager (it also installed >> > from sources). >> > >> > A clarification...i use the system without X server (no gnome, >> > no kde). >> > Below my NetworkManager and NetworkManager-openvpn >> > configuration files. >> > >> > debian:/etc/NetworkManager# cat >> > system-connections/VPNconnection >> > [connection] >> > id=VPNconnection >> > uuid=355653c0-34d3-4777-ad25-f9a498b7ef8e >> > type=vpn >> > autoconnect=FALSE >> > >> > [ipv4] >> > method=auto >> > >> > [vpn] >> > name=openvpn >> > service-type=org.freedesktop.NetworkManager.openvpn >> > >> > [ipv6] >> > method=ignore >> > >> > I've no secrets specified here, Is it correct? I've no >> > password for start opevpn client manually. Only certificate >> > authentication. >> > >> > debian:/etc/NetworkManager# cat VPN/nm-openvpn-service.name >> > [VPN Connection] >> > name=openvpn >> > service=org.freedesktop.NetworkManager.openvpn >> > program=/usr/libexec/nm-openvpn-service >> > >> > Regards >> > >> > >> > >> > On Thu, Nov 3, 2011 at 2:25 AM, Dan Williams <[email protected]> >> > wrote: >> > On Wed, 2011-11-02 at 10:21 +0100, Francesco Andrisani >> > wrote: >> > > (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) >> > plugin >> > > NeedSecrets >> > > request #1 failed: dbus-glib-error-quark Invalid >> > connection type. >> > >> > >> > This part is the problem. Any chance you could paste >> > in your vpn >> > connection file >> > from /etc/NetworkManager/system-connections for us to >> > look at? Remove any passwords and XXXX out any >> > sensitive information >> > before doing so. >> > >> > Any idea what version of NetworkManager-openvpn you've >> > got installed? >> > >> > Dan >> > >> > >> > >> > >> > >> > >> > -- >> > ____________________________________________________ >> > Francesco Andrisani >> > mailto:[email protected] >> > Acotel Spa >> > http://www.acotel.com >> > Via della Valle dei Fontanili, 29 >> > 00168 Roma >> > Tel +390661141200 >> > Fax +39066149936 >> > ____________________________________________________ >> > >> > >> > Le informazioni contenute nella comunicazione che precede >> > possono essere riservate e sono, comunque, destinate >> > esclusivamente alla persona o all’ente sopraindicati. La >> > diffusione, distribuzione e/o copiatura non autorizzata del >> > documento trasmesso da parte di qualsiasi soggetto è proibita. >> > La sicurezza e la correttezza dei messaggi di posta >> > elettronica non possono essere garantite. Se avete ricevuto >> > questo messaggio per errore, Vi preghiamo di contattarci >> > immediatamente. Grazie. >> > >> > This message is for the named person's use only. It may >> > contain confidential, proprietary or legally privileged >> > information. No confidentiality or privilege is waived or lost >> > by any transmission. If you receive this message in error, >> > please immediately delete it and all copies of it from your >> > system, destroy any hard copies of it and notify the sender. >> > You must not, directly or indirectly, use, disclose, >> > distribute, print, or copy any part of this message if you are >> > not the intended recipient. Thanks >> > >> > >> > >> > >> > >> > >> > -- >> > ____________________________________________________ >> > Francesco Andrisani >> > mailto:[email protected] >> > Acotel Spa >> > http://www.acotel.com >> > Via della Valle dei Fontanili, 29 >> > 00168 Roma >> > Tel +390661141200 >> > Fax +39066149936 >> > ____________________________________________________ >> > >> > >> > Le informazioni contenute nella comunicazione che precede possono >> > essere riservate e sono, comunque, destinate esclusivamente alla >> > persona o all’ente sopraindicati. La diffusione, distribuzione e/o >> > copiatura non autorizzata del documento trasmesso da parte di >> > qualsiasi soggetto è proibita. La sicurezza e la correttezza dei >> > messaggi di posta elettronica non possono essere garantite. Se avete >> > ricevuto questo messaggio per errore, Vi preghiamo di contattarci >> > immediatamente. Grazie. >> > >> > This message is for the named person's use only. It may contain >> > confidential, proprietary or legally privileged information. No >> > confidentiality or privilege is waived or lost by any transmission. If >> > you receive this message in error, please immediately delete it and >> > all copies of it from your system, destroy any hard copies of it and >> > notify the sender. You must not, directly or indirectly, use, >> > disclose, distribute, print, or copy any part of this message if you >> > are not the intended recipient. Thanks >> > >> > >> >> >> > > > -- > ____________________________________________________ > *Francesco Andrisani* > mailto:[email protected] > *Acotel Spa* > http://www.acotel.com > Via della Valle dei Fontanili, 29 > 00168 Roma > Tel +390661141200 > Fax +39066149936 > ____________________________________________________ > > Le informazioni contenute nella comunicazione che precede possono essere > riservate e sono, comunque, destinate esclusivamente alla persona o > all’ente sopraindicati. La diffusione, distribuzione e/o copiatura non > autorizzata del documento trasmesso da parte di qualsiasi soggetto è > proibita. La sicurezza e la correttezza dei messaggi di posta elettronica > non possono essere garantite. Se avete ricevuto questo messaggio per > errore, Vi preghiamo di contattarci immediatamente. Grazie. > > This message is for the named person's use only. It may contain > confidential, proprietary or legally privileged information. No > confidentiality or privilege is waived or lost by any transmission. If you > receive this message in error, please immediately delete it and all copies > of it from your system, destroy any hard copies of it and notify the > sender. You must not, directly or indirectly, use, disclose, distribute, > print, or copy any part of this message if you are not the intended > recipient. Thanks > > -- ____________________________________________________ *Francesco Andrisani* mailto:[email protected] *Acotel Spa* http://www.acotel.com Via della Valle dei Fontanili, 29 00168 Roma Tel +390661141200 Fax +39066149936 ____________________________________________________ Le informazioni contenute nella comunicazione che precede possono essere riservate e sono, comunque, destinate esclusivamente alla persona o all’ente sopraindicati. La diffusione, distribuzione e/o copiatura non autorizzata del documento trasmesso da parte di qualsiasi soggetto è proibita. La sicurezza e la correttezza dei messaggi di posta elettronica non possono essere garantite. Se avete ricevuto questo messaggio per errore, Vi preghiamo di contattarci immediatamente. Grazie. This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any transmission. If you receive this message in error, please immediately delete it and all copies of it from your system, destroy any hard copies of it and notify the sender. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. Thanks
_______________________________________________ networkmanager-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/networkmanager-list
