Note: sorry for the potential duplicate email, I sent it before & after having registered to the list!
Hello all, I have a working openvpn config (see below) which I can't get to fully work with Network Manager: the private IPv6 network is not accessible when connecting to the VPN with NM(*). Here is what I get for tun0 when connecting with NM: -------- $ ip a l tun0 17: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 500 link/none inet 10.66.6.4/24 brd 10.66.6.255 scope global noprefixroute tun0 valid_lft forever preferred_lft forever inet6 2001:bc8:3d1d:1337::1002 peer 2001:bc8:3d1d:1337::1/64 scope global noprefixroute valid_lft forever preferred_lft forever -------- When connecting with systemd or via the command line (sudo openvpn --config vpn.conf) : -------- $ ip a l tun0 14: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 500 link/none inet 10.66.6.4/24 scope global tun0 valid_lft forever preferred_lft forever inet6 2001:bc8:3d1d:1337::1002/64 scope global valid_lft forever preferred_lft forever inet6 fe80::24b7:bb72:a319:252d/64 scope link stable-privacy valid_lft forever preferred_lft forever -------- → Note the scope global inet6 differences above: peer vs subnet (*) In order to avoid having all my trafic routed through the vpn, I did check "Use this connection only for resources on its network" for IPv4 & IPv6. Is there a way to make Network Manager behave like openvpn --config vpn.conf? Here is additionnal informations: -------- $ nmcli device show tun0 GENERAL.DEVICE: tun0 GENERAL.TYPE: tun GENERAL.HWADDR: (unknown) GENERAL.MTU: 1500 GENERAL.STATE: 100 (connected (externally)) GENERAL.CONNECTION: tun0 GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/27 IP4.ADDRESS[1]: 10.66.6.4/24 IP4.GATEWAY: -- IP4.ROUTE[1]: dst = 10.66.6.0/24, nh = 0.0.0.0, mt = 50 IP6.ADDRESS[1]: 2001:bc8:3d1d:1337::1002/64 IP6.GATEWAY: -- IP6.ROUTE[1]: dst = 2001:bc8:3d1d:1337::1/128, nh = ::, mt = 256 IP6.ROUTE[2]: dst = 2001:bc8:3d1d:1337::1002/128, nh = ::, mt = 50 IP6.ROUTE[3]: dst = 2001:bc8:3d1d:1337::1/128, nh = ::, mt = 50 -------- And the openvpn client config I imported from NM (minus the certs&keys): | client | dev tun | # try standard port first | remote hub.nsoc.fr | remote hub.nsoc.fr 53 | ping 25 | ping-restart 120 | persist-key | persist-tun | tls-version-min 1.3 | remote-cert-tls server | mute-replay-warnings | | askpass | verb 3 | | <ca></ca> | <cert></cert> | <key></key> | <tls-crypt-v2></tls-crypt-v2> Thank you in advance! Samuel
_______________________________________________ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list