[Bug 1608646] Re: ip4 static routes added in NetworkManager UI fail and prevent connection

2021-12-25 Thread Rocus van Oosten
** Changed in: network-manager (Ubuntu)
   Status: Expired => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1608646

Title:
  ip4 static routes added in NetworkManager UI fail and prevent
  connection

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1608646/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1608646] Re: ip4 static routes added in NetworkManager UI fail and prevent connection

2021-12-24 Thread Rocus van Oosten
I would like to revive this bug report.

I will describe the problem in detail.

I run an ovpn script from the command line and everything goes well.

The ovpn file:

client
dev tun
remote nl.vpn.**.org 443
resolv-retry infinite
nobind
persist-key
persist-tun
auth-nocache
mute-replay-warnings
route 10.0.1.0 255.255.255.0 10.0.2.136 
route 10.0.0.0 255.255.255.0 10.0.2.136 
route-delay 5
verb 3
explicit-exit-notify 5
remote-cert-tls server
cipher AES-256-CBC
comp-lzo no
proto udp
key-direction 1

I left out the certificates because they are irrelevant here.

The route table before the execution of openvpn is:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.2.136      0.0.0.0         UG    100    0        0 enp3s0
10.0.2.0        0.0.0.0         255.255.255.0   U     100    0        0 enp3s0

10.0.2.136 is my home router.

After the execution of sudo openvpn  the route table is:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.17.76.1      128.0.0.0       UG    0      0        0 tun0
0.0.0.0         10.0.2.136      0.0.0.0         UG    100    0        0 enp3s0
10.0.0.0        10.0.2.136      255.255.255.0   UG    0      0        0 enp3s0
10.0.1.0        10.0.2.136      255.255.255.0   UG    0      0        0 enp3s0
10.0.2.0        0.0.0.0         255.255.255.0   U     100    0        0 enp3s0
10.17.76.0      0.0.0.0         255.255.255.0   U     0      0        0 tun0
128.0.0.0       10.17.76.1      128.0.0.0       UG    0      0        0 tun0
213.152.162.73  10.0.2.136      255.255.255.255 UGH   0      0        0 enp3s0

This looks a bit complicated to me but it is working. Note the two lines for 
the networks 10.0.1.0/24 and 10.0.0.0/24.  
They are needed to divert traffic for those networks to my home router 
10.0.2.136. 
Traffic for my home network 10.0.2.0/24 stays in the home network. 
All other traffic goes to the tun0 device (the vpn provider).

In the Network Manager I imported the ovpn file, and the resulting
network manager file /etc/NetworkManager/system-connections/vpnnl
is:

id=provider_UDP-443
uuid=88baf716
type=vpn
autoconnect=false
permissions=

[vpn]
cert-pass-flags=0
cipher=AES-256-CBC
comp-lzo=no-by-default
connection-type=tls
dev=tun
key=***.pem
remote=nl.vpn.provider.org:443
remote-cert-tls=server
ta-dir=1
service-type=org.freedesktop.NetworkManager.openvpn

[ipv4]
dns-search=
method=auto
route1=10.0.1.0/24,10.0.2.136
route2=10.0.0.0/24,10.0.2.136

[ipv6]
addr-gen-mode=stable-privacy
dns-search=
ip6-privacy=0
method=auto

I left out some statements concerning security and privacy. Note the two route 
statements.
When I make the vpn connection with this connections file I get the error 
message: 
connection failed because  VPN service returned invalid configuration.

When I remove the two route statements in the network-manager/ edit
connections section the connection is properly made, but of course without
the two route statements in the route table:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.2.136      0.0.0.0         UG    100    0        0 enp3s0
10.0.2.0        0.0.0.0         255.255.255.0   U     100    0        0 enp3s0
10.0.2.136      0.0.0.0         255.255.255.255 UH    100    0        0 enp3s0
10.27.44.0      0.0.0.0         255.255.255.0   U     50     0        0 tun0
213.152.162.148 10.0.2.136      255.255.255.255 UGH   100    0        0 enp3s0

There are more differences that I don't fully understand. I can,
of course, add these route statements by hand, but that is not the point.
(I can also live for a short moment with an unreachable network).

When I change the 2 extra route statements (10.0.2.136 changed to
0.0.0.0) (in the vpnnl file) the error message disappears, but the two
route statements (in the route table) then divert the traffic to tun0
(should be enp3s0).

If you want to know more please ask.

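Added example (not part of the original report, and not NetworkManager or OpenVPN code): a longest-prefix-match lookup over the two complete route tables quoted in the report, showing which interface and next hop a destination resolves to after the command-line openvpn run and after the NetworkManager connection made without the two route statements. The table rows are transcribed from the report; the sample destinations are constructed.

```python
import ipaddress

# Route tables transcribed from the report: (destination, genmask, gateway, metric, iface).
OPENVPN_CLI = [
    ("0.0.0.0", "128.0.0.0", "10.17.76.1", 0, "tun0"),
    ("0.0.0.0", "0.0.0.0", "10.0.2.136", 100, "enp3s0"),
    ("10.0.0.0", "255.255.255.0", "10.0.2.136", 0, "enp3s0"),
    ("10.0.1.0", "255.255.255.0", "10.0.2.136", 0, "enp3s0"),
    ("10.0.2.0", "255.255.255.0", "0.0.0.0", 100, "enp3s0"),
    ("10.17.76.0", "255.255.255.0", "0.0.0.0", 0, "tun0"),
    ("128.0.0.0", "128.0.0.0", "10.17.76.1", 0, "tun0"),
    ("213.152.162.73", "255.255.255.255", "10.0.2.136", 0, "enp3s0"),
]
NM_WITHOUT_ROUTES = [
    ("0.0.0.0", "0.0.0.0", "10.0.2.136", 100, "enp3s0"),
    ("10.0.2.0", "255.255.255.0", "0.0.0.0", 100, "enp3s0"),
    ("10.0.2.136", "255.255.255.255", "0.0.0.0", 100, "enp3s0"),
    ("10.27.44.0", "255.255.255.0", "0.0.0.0", 50, "tun0"),
    ("213.152.162.148", "255.255.255.255", "10.0.2.136", 100, "enp3s0"),
]

def lookup(table, dest):
    """Return (iface, next_hop) for dest: longest prefix wins, then lowest metric."""
    addr = ipaddress.ip_address(dest)
    best = None
    for net, mask, gw, metric, iface in table:
        network = ipaddress.ip_network(f"{net}/{mask}")
        if addr not in network:
            continue
        key = (-network.prefixlen, metric)
        if best is None or key < best[0]:
            # Gateway 0.0.0.0 means the destination is on-link (no next hop).
            best = (key, iface, None if gw == "0.0.0.0" else gw)
    if best is None:
        raise LookupError(f"no route to {dest}")
    return best[1], best[2]

def compare(dests):
    """Map each destination to its (iface, next_hop) under both tables."""
    return {d: (lookup(OPENVPN_CLI, d), lookup(NM_WITHOUT_ROUTES, d)) for d in dests}

if __name__ == "__main__":
    # Constructed sample destinations: home LANs, a public address, the VPN subnet.
    for dest, (cli, nm) in compare(["10.0.1.5", "10.0.2.7", "192.0.2.1", "10.17.76.9"]).items():
        print(f"{dest:<12} openvpn-cli={cli}  nm-no-routes={nm}")
```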