unsuscribe end
Le 03/11/2011 16:22, [email protected] a écrit :
Send networkmanager-list mailing list submissions to [email protected] To subscribe or unsubscribe via the World Wide Web, visit http://mail.gnome.org/mailman/listinfo/networkmanager-list or, via email, send a message with subject or body 'help' to [email protected] You can reach the person managing the list at [email protected] When replying, please edit your Subject line so it is more specific than "Re: Contents of networkmanager-list digest..." Today's Topics: 1. Re: OpenVpn plugin NeedSecret (Francesco Andrisani) ---------------------------------------------------------------------- Message: 1 Date: Thu, 3 Nov 2011 16:21:38 +0100 From: Francesco Andrisani<[email protected]> To: Dan Williams<[email protected]> Cc: [email protected] Subject: Re: OpenVpn plugin NeedSecret Message-ID: <calced1to35dnh90baedlqaydwppcjxrps_032bjgyuzd+wv...@mail.gmail.com> Content-Type: text/plain; charset="windows-1252" Hi, then...below my new (NetworkManager-openvpn) confg file and client.conf (openvpn) config file: debian# cat /etc/NetworkManager/system-connections/VPNconnection [connection] id=VPNconnection uuid=355653c0-34d3-4777-ad25-f9a498b7ef8e type=vpn autoconnect=FALSE [ipv4] method=auto [vpn] name=openvpn service-type=org.freedesktop.NetworkManager.openvpn remote=openvpn.xxx.xxxxx.it proto-udp=yes reneg-seconds=0 port=1194 ca=/etc/openvpn/certs/cacert.crt cert=/etc/openvpn/certs/xxxxxxxx-vpn.pem key=/etc/openvpn/certs/xxxxxxxxx-vpn-key.pem [ipv6] method=ignore debian# cat /etc/openvpn/client.conf client dev tun proto udp # This is the remote ip address and port of the VPN Server remote openvpn.xxx.xxxxxx.it resolv-retry infinite ping 10 ping-restart 60 nobind persist-key persist-tun ca certs/cacert.crt cert certs/xxxxxxxx-vpn.pem key certs/xxxxxxxxxx-vpn-key.pem verb 3 comp-lzo explicit-exit-notify 2 log-append /var/log/openvpn.log Now...after your changes, if i try to start vpn from NetworkManager i can see these logs: Nov 3 16:26:54 debian NetworkManager[2899]:<info> Starting VPN service 'openvpn'... Nov 3 16:26:54 debian NetworkManager[2899]:<info> VPN service 'openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 3296 Nov 3 16:26:54 debian NetworkManager[2899]:<info> VPN service 'openvpn' appeared; activating connections Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.716383] [nm-vpn-connection.c:902] get_secrets(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) requesting VPN secrets pass #1 Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.716961] [nm-agent-manager.c:1100] nm_agent_manager_get_secrets(): Secrets requested for connection /org/freedesktop/NetworkManager/Settings/5 (vpn) Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.717110] [nm-settings-connection.c:850] nm_settings_connection_get_secrets(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:3) secrets requested flags 0x80000000 hint '(null)' Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.720913] [nm-agent-manager.c:1015] get_start(): (0xfcba0/vpn) system settings secrets sufficient Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.721055] [nm-settings-connection.c:706] agent_secrets_done_cb(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:3) existing secrets returned Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.721154] [nm-settings-connection.c:712] agent_secrets_done_cb(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:3) secrets request completed Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.733265] [nm-settings-connection.c:751] agent_secrets_done_cb(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:3) new agent secrets processed Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.733906] [nm-vpn-connection.c:870] get_secrets_cb(): (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) asking service if additional secrets are required Nov 3 16:26:54 debian NetworkManager[2899]:<info> VPN plugin state changed: 1 Nov 3 16:26:54 debian NetworkManager[2899]:<info> Policy set 'MyConnection' (eth0) as default for IPv4 routing and DNS. Nov 3 16:27:00 debian NetworkManager[2899]:<info> VPN service 'openvpn' disappeared Nov 3 16:27:02 debian NetworkManager[2899]:<debug> [1320337622.2972] [nm-vpn-service.c:267] ensure_killed(): waiting for VPN service pid 3296 to exit Nov 3 16:27:02 debian NetworkManager[2899]:<debug> [1320337622.3592] [nm-vpn-service.c:269] ensure_killed(): VPN service pid 3296 cleaned up Thanks and Regards On Thu, Nov 3, 2011 at 4:03 PM, Francesco Andrisani< [email protected]> wrote:Thanks a lot. But i'm not able to know all parameter to intert into my /etc/NetworkManager/system-connections/VPNconnection. For example keyfile, certficate, ecc Please can you tell me how to find these informations (all parameters)? Thanks and regards On Thu, Nov 3, 2011 at 3:51 PM, Dan Williams<[email protected]> wrote:On Thu, 2011-11-03 at 10:26 +0100, Francesco Andrisani wrote:Anothe DEBUG info: debian:/etc/NetworkManager# /usr/libexec/nm-openvpn-service --debug ** Message: nm-openvpn-service (version 0.9.0) starting... ** Message: real_need_secrets: connection ------------------------------------- connection name : "connection" id : "VPNconnection" (s) uuid : "355653c0-34d3-4777-ad25-f9a498b7ef8e" (s) type : "vpn" (s) permissions : [] (sd) autoconnect : FALSE (s) timestamp : 0 (sd) read-only : FALSE (sd) ipv4 name : "ipv4" method : "auto" (s) dns : [] (s) dns-search : [] (sd) addresses : [] (s) routes : [] (s) ignore-auto-routes : FALSE (sd) ignore-auto-dns : FALSE (sd) dhcp-client-id : NULL (sd) dhcp-send-hostname : TRUE (sd) dhcp-hostname : NULL (sd) never-default : FALSE (sd) may-fail : FALSE (sd) ipv6 name : "ipv6" method : "ignore" (s) dns : [] (s) dns-search : [] (sd) addresses : [] (s) routes : [] (s) ignore-auto-routes : FALSE (sd) ignore-auto-dns : FALSE (sd) never-default : FALSE (sd) may-fail : TRUE (sd) vpn name : "vpn" service-type : "org.freedesktop.NetworkManager.openvpn" (s) user-name : NULL (sd) data : [ { 'name': openvpn }, ] (s) secrets : [ ] (s)So here's the problem; the [vpn] setting isn't completely specified. Did you import this connection from an openvpn config file? Unless this was changed at some point (or there's a bug in the editor) this connection was never valid since it doesn't have the required connection type field and a few other things. Here's what it *should* look like: [vpn] service-type=org.freedesktop.NetworkManager.openvpn connection-type=password password-flags=3 remote=ovpn.mycompany.com cipher=AES-256-CBC proto-tcp=yes reneg-seconds=0 port=443 username=dcbw ca=/home/dcbw/MyCA.pem or something along those lines. If you imported it from a config file, can you try doing that again? If it still looks like this, can you send me the config file so I can see what's going wrong? DanRegards On Thu, Nov 3, 2011 at 10:12 AM, Francesco Andrisani <[email protected]> wrote: OK. So i've installed openvpn client on my workstation with certificate authentication and...it work fine. About NetworkManager-openvpn i've installed (from sources) 0.9.0 version, the same of NetworkManager (it also installed from sources). A clarification...i use the system without X server (no gnome, no kde). Below my NetworkManager and NetworkManager-openvpn configuration files. debian:/etc/NetworkManager# cat system-connections/VPNconnection [connection] id=VPNconnection uuid=355653c0-34d3-4777-ad25-f9a498b7ef8e type=vpn autoconnect=FALSE [ipv4] method=auto [vpn] name=openvpn service-type=org.freedesktop.NetworkManager.openvpn [ipv6] method=ignore I've no secrets specified here, Is it correct? I've no password for start opevpn client manually. Only certificate authentication. debian:/etc/NetworkManager# cat VPN/nm-openvpn-service.name [VPN Connection] name=openvpn service=org.freedesktop.NetworkManager.openvpn program=/usr/libexec/nm-openvpn-service Regards On Thu, Nov 3, 2011 at 2:25 AM, Dan Williams<[email protected]> wrote: On Wed, 2011-11-02 at 10:21 +0100, Francesco Andrisani wrote: > (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) plugin > NeedSecrets > request #1 failed: dbus-glib-error-quark Invalid connection type. This part is the problem. Any chance you could paste in your vpn connection file from /etc/NetworkManager/system-connections for us to look at? Remove any passwords and XXXX out any sensitive information before doing so. Any idea what version of NetworkManager-openvpn you've got installed? Dan -- ____________________________________________________ Francesco Andrisani mailto:[email protected] Acotel Spa http://www.acotel.com Via della Valle dei Fontanili, 29 00168 Roma Tel +390661141200 Fax +39066149936 ____________________________________________________ Le informazioni contenute nella comunicazione che precede possono essere riservate e sono, comunque, destinate esclusivamente alla persona o all?ente sopraindicati. La diffusione, distribuzione e/o copiatura non autorizzata del documento trasmesso da parte di qualsiasi soggetto ? proibita. La sicurezza e la correttezza dei messaggi di posta elettronica non possono essere garantite. Se avete ricevuto questo messaggio per errore, Vi preghiamo di contattarci immediatamente. Grazie. This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any transmission. If you receive this message in error, please immediately delete it and all copies of it from your system, destroy any hard copies of it and notify the sender. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. Thanks -- ____________________________________________________ Francesco Andrisani mailto:[email protected] Acotel Spa http://www.acotel.com Via della Valle dei Fontanili, 29 00168 Roma Tel +390661141200 Fax +39066149936 ____________________________________________________ Le informazioni contenute nella comunicazione che precede possono essere riservate e sono, comunque, destinate esclusivamente alla persona o all?ente sopraindicati. La diffusione, distribuzione e/o copiatura non autorizzata del documento trasmesso da parte di qualsiasi soggetto ? proibita. La sicurezza e la correttezza dei messaggi di posta elettronica non possono essere garantite. Se avete ricevuto questo messaggio per errore, Vi preghiamo di contattarci immediatamente. Grazie. This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any transmission. If you receive this message in error, please immediately delete it and all copies of it from your system, destroy any hard copies of it and notify the sender. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. Thanks-- ____________________________________________________ *Francesco Andrisani* mailto:[email protected] *Acotel Spa* http://www.acotel.com Via della Valle dei Fontanili, 29 00168 Roma Tel +390661141200 Fax +39066149936 ____________________________________________________ Le informazioni contenute nella comunicazione che precede possono essere riservate e sono, comunque, destinate esclusivamente alla persona o all?ente sopraindicati. La diffusione, distribuzione e/o copiatura non autorizzata del documento trasmesso da parte di qualsiasi soggetto ? proibita. La sicurezza e la correttezza dei messaggi di posta elettronica non possono essere garantite. Se avete ricevuto questo messaggio per errore, Vi preghiamo di contattarci immediatamente. Grazie. This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any transmission. If you receive this message in error, please immediately delete it and all copies of it from your system, destroy any hard copies of it and notify the sender. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. Thanks
-- Julien Briche Ingénieur de Recherche ROBOPEC 183 Chemin des Négadoux 83130 Six-Fours les Plages Tél: 0667093015 http://www.robopec.com http://www.reeti.fr _______________________________________________ networkmanager-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/networkmanager-list
