On Thu, 2011-11-03 at 16:46 +0100, julien wrote: > unsuscribe > end You can do this by visiting:
http://mail.gnome.org/mailman/listinfo/networkmanager-list and unsubscribing yourself on that page. Dan > > Le 03/11/2011 16:22, [email protected] a écrit : > > Send networkmanager-list mailing list submissions to > > [email protected] > > > > To subscribe or unsubscribe via the World Wide Web, visit > > http://mail.gnome.org/mailman/listinfo/networkmanager-list > > or, via email, send a message with subject or body 'help' to > > [email protected] > > > > You can reach the person managing the list at > > [email protected] > > > > When replying, please edit your Subject line so it is more specific > > than "Re: Contents of networkmanager-list digest..." > > > > > > Today's Topics: > > > > 1. Re: OpenVpn plugin NeedSecret (Francesco Andrisani) > > > > > > ---------------------------------------------------------------------- > > > > Message: 1 > > Date: Thu, 3 Nov 2011 16:21:38 +0100 > > From: Francesco Andrisani<[email protected]> > > To: Dan Williams<[email protected]> > > Cc: [email protected] > > Subject: Re: OpenVpn plugin NeedSecret > > Message-ID: > > <calced1to35dnh90baedlqaydwppcjxrps_032bjgyuzd+wv...@mail.gmail.com> > > Content-Type: text/plain; charset="windows-1252" > > > > Hi, > > then...below my new (NetworkManager-openvpn) confg file and client.conf > > (openvpn) config file: > > > > debian# cat /etc/NetworkManager/system-connections/VPNconnection > > [connection] > > id=VPNconnection > > uuid=355653c0-34d3-4777-ad25-f9a498b7ef8e > > type=vpn > > autoconnect=FALSE > > > > [ipv4] > > method=auto > > > > [vpn] > > name=openvpn > > service-type=org.freedesktop.NetworkManager.openvpn > > remote=openvpn.xxx.xxxxx.it > > proto-udp=yes > > reneg-seconds=0 > > port=1194 > > ca=/etc/openvpn/certs/cacert.crt > > cert=/etc/openvpn/certs/xxxxxxxx-vpn.pem > > key=/etc/openvpn/certs/xxxxxxxxx-vpn-key.pem > > > > [ipv6] > > method=ignore > > > > debian# cat /etc/openvpn/client.conf > > client > > dev tun > > proto udp > > # This is the remote ip address and port of the VPN Server > > remote openvpn.xxx.xxxxxx.it > > resolv-retry infinite > > ping 10 > > ping-restart 60 > > nobind > > persist-key > > persist-tun > > ca certs/cacert.crt > > cert certs/xxxxxxxx-vpn.pem > > key certs/xxxxxxxxxx-vpn-key.pem > > verb 3 > > comp-lzo > > explicit-exit-notify 2 > > log-append /var/log/openvpn.log > > > > Now...after your changes, if i try to start vpn from NetworkManager i can > > see these logs: > > > > Nov 3 16:26:54 debian NetworkManager[2899]:<info> Starting VPN service > > 'openvpn'... > > Nov 3 16:26:54 debian NetworkManager[2899]:<info> VPN service 'openvpn' > > started (org.freedesktop.NetworkManager.openvpn), PID 3296 > > Nov 3 16:26:54 debian NetworkManager[2899]:<info> VPN service 'openvpn' > > appeared; activating connections > > Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.716383] > > [nm-vpn-connection.c:902] get_secrets(): > > (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) requesting VPN secrets > > pass #1 > > Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.716961] > > [nm-agent-manager.c:1100] nm_agent_manager_get_secrets(): Secrets requested > > for connection /org/freedesktop/NetworkManager/Settings/5 (vpn) > > Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.717110] > > [nm-settings-connection.c:850] nm_settings_connection_get_secrets(): > > (355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:3) secrets requested flags > > 0x80000000 hint '(null)' > > Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.720913] > > [nm-agent-manager.c:1015] get_start(): (0xfcba0/vpn) system settings > > secrets sufficient > > Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.721055] > > [nm-settings-connection.c:706] agent_secrets_done_cb(): > > (355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:3) existing secrets returned > > Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.721154] > > [nm-settings-connection.c:712] agent_secrets_done_cb(): > > (355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:3) secrets request completed > > Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.733265] > > [nm-settings-connection.c:751] agent_secrets_done_cb(): > > (355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:3) new agent secrets processed > > Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.733906] > > [nm-vpn-connection.c:870] get_secrets_cb(): > > (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) asking service if > > additional secrets are required > > Nov 3 16:26:54 debian NetworkManager[2899]:<info> VPN plugin state > > changed: 1 > > Nov 3 16:26:54 debian NetworkManager[2899]:<info> Policy set > > 'MyConnection' (eth0) as default for IPv4 routing and DNS. > > Nov 3 16:27:00 debian NetworkManager[2899]:<info> VPN service 'openvpn' > > disappeared > > Nov 3 16:27:02 debian NetworkManager[2899]:<debug> [1320337622.2972] > > [nm-vpn-service.c:267] ensure_killed(): waiting for VPN service pid 3296 to > > exit > > Nov 3 16:27:02 debian NetworkManager[2899]:<debug> [1320337622.3592] > > [nm-vpn-service.c:269] ensure_killed(): VPN service pid 3296 cleaned up > > > > Thanks and Regards > > > > On Thu, Nov 3, 2011 at 4:03 PM, Francesco Andrisani< > > [email protected]> wrote: > > > >> Thanks a lot. But i'm not able to know all parameter to intert into my > >> /etc/NetworkManager/system-connections/VPNconnection. > >> > >> For example keyfile, certficate, ecc > >> > >> Please can you tell me how to find these informations (all parameters)? > >> > >> Thanks and regards > >> > >> > >> On Thu, Nov 3, 2011 at 3:51 PM, Dan Williams<[email protected]> wrote: > >> > >>> On Thu, 2011-11-03 at 10:26 +0100, Francesco Andrisani wrote: > >>>> Anothe DEBUG info: > >>>> > >>>> debian:/etc/NetworkManager# /usr/libexec/nm-openvpn-service --debug > >>>> ** Message: nm-openvpn-service (version 0.9.0) starting... > >>>> ** Message: real_need_secrets: connection > >>>> ------------------------------------- > >>>> connection > >>>> name : "connection" > >>>> id : "VPNconnection" (s) > >>>> uuid : "355653c0-34d3-4777-ad25-f9a498b7ef8e" (s) > >>>> type : "vpn" (s) > >>>> permissions : [] (sd) > >>>> autoconnect : FALSE (s) > >>>> timestamp : 0 (sd) > >>>> read-only : FALSE (sd) > >>>> > >>>> > >>>> ipv4 > >>>> name : "ipv4" > >>>> method : "auto" (s) > >>>> dns : [] (s) > >>>> dns-search : [] (sd) > >>>> addresses : [] (s) > >>>> routes : [] (s) > >>>> ignore-auto-routes : FALSE (sd) > >>>> ignore-auto-dns : FALSE (sd) > >>>> dhcp-client-id : NULL (sd) > >>>> dhcp-send-hostname : TRUE (sd) > >>>> dhcp-hostname : NULL (sd) > >>>> never-default : FALSE (sd) > >>>> may-fail : FALSE (sd) > >>>> > >>>> > >>>> ipv6 > >>>> name : "ipv6" > >>>> method : "ignore" (s) > >>>> dns : [] (s) > >>>> dns-search : [] (sd) > >>>> addresses : [] (s) > >>>> routes : [] (s) > >>>> ignore-auto-routes : FALSE (sd) > >>>> ignore-auto-dns : FALSE (sd) > >>>> never-default : FALSE (sd) > >>>> may-fail : TRUE (sd) > >>>> > >>>> > >>>> vpn > >>>> name : "vpn" > >>>> service-type : "org.freedesktop.NetworkManager.openvpn" (s) > >>>> user-name : NULL (sd) > >>>> data : [ { 'name': openvpn }, ] (s) > >>>> secrets : [ ] (s) > >>> So here's the problem; the [vpn] setting isn't completely specified. > >>> Did you import this connection from an openvpn config file? Unless this > >>> was changed at some point (or there's a bug in the editor) this > >>> connection was never valid since it doesn't have the required connection > >>> type field and a few other things. Here's what it *should* look like: > >>> > >>> [vpn] > >>> service-type=org.freedesktop.NetworkManager.openvpn > >>> connection-type=password > >>> password-flags=3 > >>> remote=ovpn.mycompany.com > >>> cipher=AES-256-CBC > >>> proto-tcp=yes > >>> reneg-seconds=0 > >>> port=443 > >>> username=dcbw > >>> ca=/home/dcbw/MyCA.pem > >>> > >>> or something along those lines. If you imported it from a config file, > >>> can you try doing that again? If it still looks like this, can you send > >>> me the config file so I can see what's going wrong? > >>> > >>> Dan > >>> > >>>> Regards > >>>> > >>>> > >>>> On Thu, Nov 3, 2011 at 10:12 AM, Francesco Andrisani > >>>> <[email protected]> wrote: > >>>> OK. > >>>> > >>>> So i've installed openvpn client on my workstation with > >>>> certificate authentication and...it work fine. > >>>> About NetworkManager-openvpn i've installed (from sources) > >>>> 0.9.0 version, the same of NetworkManager (it also installed > >>>> from sources). > >>>> > >>>> A clarification...i use the system without X server (no gnome, > >>>> no kde). > >>>> Below my NetworkManager and NetworkManager-openvpn > >>>> configuration files. > >>>> > >>>> debian:/etc/NetworkManager# cat > >>>> system-connections/VPNconnection > >>>> [connection] > >>>> id=VPNconnection > >>>> uuid=355653c0-34d3-4777-ad25-f9a498b7ef8e > >>>> type=vpn > >>>> autoconnect=FALSE > >>>> > >>>> [ipv4] > >>>> method=auto > >>>> > >>>> [vpn] > >>>> name=openvpn > >>>> service-type=org.freedesktop.NetworkManager.openvpn > >>>> > >>>> [ipv6] > >>>> method=ignore > >>>> > >>>> I've no secrets specified here, Is it correct? I've no > >>>> password for start opevpn client manually. Only certificate > >>>> authentication. > >>>> > >>>> debian:/etc/NetworkManager# cat VPN/nm-openvpn-service.name > >>>> [VPN Connection] > >>>> name=openvpn > >>>> service=org.freedesktop.NetworkManager.openvpn > >>>> program=/usr/libexec/nm-openvpn-service > >>>> > >>>> Regards > >>>> > >>>> > >>>> > >>>> On Thu, Nov 3, 2011 at 2:25 AM, Dan Williams<[email protected]> > >>>> wrote: > >>>> On Wed, 2011-11-02 at 10:21 +0100, Francesco Andrisani > >>>> wrote: > >>>> > (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) > >>>> plugin > >>>> > NeedSecrets > >>>> > request #1 failed: dbus-glib-error-quark Invalid > >>>> connection type. > >>>> > >>>> > >>>> This part is the problem. Any chance you could paste > >>>> in your vpn > >>>> connection file > >>>> from /etc/NetworkManager/system-connections for us to > >>>> look at? Remove any passwords and XXXX out any > >>>> sensitive information > >>>> before doing so. > >>>> > >>>> Any idea what version of NetworkManager-openvpn you've > >>>> got installed? > >>>> > >>>> Dan > >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > >>>> -- > >>>> ____________________________________________________ > >>>> Francesco Andrisani > >>>> mailto:[email protected] > >>>> Acotel Spa > >>>> http://www.acotel.com > >>>> Via della Valle dei Fontanili, 29 > >>>> 00168 Roma > >>>> Tel +390661141200 > >>>> Fax +39066149936 > >>>> ____________________________________________________ > >>>> > >>>> > >>>> Le informazioni contenute nella comunicazione che precede > >>>> possono essere riservate e sono, comunque, destinate > >>>> esclusivamente alla persona o all?ente sopraindicati. La > >>>> diffusione, distribuzione e/o copiatura non autorizzata del > >>>> documento trasmesso da parte di qualsiasi soggetto ? proibita. > >>>> La sicurezza e la correttezza dei messaggi di posta > >>>> elettronica non possono essere garantite. Se avete ricevuto > >>>> questo messaggio per errore, Vi preghiamo di contattarci > >>>> immediatamente. Grazie. > >>>> > >>>> This message is for the named person's use only. It may > >>>> contain confidential, proprietary or legally privileged > >>>> information. No confidentiality or privilege is waived or lost > >>>> by any transmission. If you receive this message in error, > >>>> please immediately delete it and all copies of it from your > >>>> system, destroy any hard copies of it and notify the sender. > >>>> You must not, directly or indirectly, use, disclose, > >>>> distribute, print, or copy any part of this message if you are > >>>> not the intended recipient. Thanks > >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > >>>> -- > >>>> ____________________________________________________ > >>>> Francesco Andrisani > >>>> mailto:[email protected] > >>>> Acotel Spa > >>>> http://www.acotel.com > >>>> Via della Valle dei Fontanili, 29 > >>>> 00168 Roma > >>>> Tel +390661141200 > >>>> Fax +39066149936 > >>>> ____________________________________________________ > >>>> > >>>> > >>>> Le informazioni contenute nella comunicazione che precede possono > >>>> essere riservate e sono, comunque, destinate esclusivamente alla > >>>> persona o all?ente sopraindicati. La diffusione, distribuzione e/o > >>>> copiatura non autorizzata del documento trasmesso da parte di > >>>> qualsiasi soggetto ? proibita. La sicurezza e la correttezza dei > >>>> messaggi di posta elettronica non possono essere garantite. Se avete > >>>> ricevuto questo messaggio per errore, Vi preghiamo di contattarci > >>>> immediatamente. Grazie. > >>>> > >>>> This message is for the named person's use only. It may contain > >>>> confidential, proprietary or legally privileged information. No > >>>> confidentiality or privilege is waived or lost by any transmission. If > >>>> you receive this message in error, please immediately delete it and > >>>> all copies of it from your system, destroy any hard copies of it and > >>>> notify the sender. You must not, directly or indirectly, use, > >>>> disclose, distribute, print, or copy any part of this message if you > >>>> are not the intended recipient. Thanks > >>>> > >>>> > >>> > >>> > >> > >> -- > >> ____________________________________________________ > >> *Francesco Andrisani* > >> mailto:[email protected] > >> *Acotel Spa* > >> http://www.acotel.com > >> Via della Valle dei Fontanili, 29 > >> 00168 Roma > >> Tel +390661141200 > >> Fax +39066149936 > >> ____________________________________________________ > >> > >> Le informazioni contenute nella comunicazione che precede possono essere > >> riservate e sono, comunque, destinate esclusivamente alla persona o > >> all?ente sopraindicati. La diffusione, distribuzione e/o copiatura non > >> autorizzata del documento trasmesso da parte di qualsiasi soggetto ? > >> proibita. La sicurezza e la correttezza dei messaggi di posta elettronica > >> non possono essere garantite. Se avete ricevuto questo messaggio per > >> errore, Vi preghiamo di contattarci immediatamente. Grazie. > >> > >> This message is for the named person's use only. It may contain > >> confidential, proprietary or legally privileged information. No > >> confidentiality or privilege is waived or lost by any transmission. If you > >> receive this message in error, please immediately delete it and all copies > >> of it from your system, destroy any hard copies of it and notify the > >> sender. You must not, directly or indirectly, use, disclose, distribute, > >> print, or copy any part of this message if you are not the intended > >> recipient. Thanks > >> > >> > > > > _______________________________________________ networkmanager-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/networkmanager-list
