Re: [Linux-users] WAS Chit chat Re: Testing List - please delete NOW Evolution connection
Volker Kuhlmann wrote, On 10/13/2012 12:30 PM: On Sat 13 Oct 2012 12:13:08 NZDT +1300, Steve Holdoway wrote: I do not use NM for my VPNs, just the main network connection. There is no requirement to do so for OpenVPN. How do you start your openvpn? xterm -e sudo openvpn /etc/openvpn/CONFIG.ovpn (enter credentials, minimise xterm, carry on) GUIs are an excellent invention for tiling more xterms. -- Craig Falconer ___ Linux-users mailing list Linux-users@lists.canterbury.ac.nz http://lists.canterbury.ac.nz/mailman/listinfo/linux-users
Re: [Linux-users] WAS Chit chat Re: Testing List - please delete NOW Evolution connection
On Fri 12 Oct 2012 11:57:20 NZDT +1300, Jim Cheetham wrote: It would help, except for the fact that Evolution/GNOME(?) have simply ignored the whole use-case of I do not want Network Manager to manage my network, but I have not uninstalled it. NM is a user-based tool, which is very good if you have to use personal credentials to access the network (i.e. corporate wifi mainly, or most VPNs). NM is a complete total waste of disk space for VPN. Why? To make it connect, you need one more critical option in the openvpn configuration file to meet the security level of the openvpn server. Does NM allow you to put it in? Oh hells bells! We do not allow users to just add any odd configuration option - that's too dangerous, even as root, we need to nanny users to prevent them from shooting themselves in the foot. We know what's best for you(TM). Dickheads. Volker -- Volker Kuhlmann http://volker.dnsalias.net/ Please do not CC list postings to me. ___ Linux-users mailing list Linux-users@lists.canterbury.ac.nz http://lists.canterbury.ac.nz/mailman/listinfo/linux-users
Re: [Linux-users] WAS Chit chat Re: Testing List - please delete NOW Evolution connection
On Fri, 2012-10-12 at 19:01 +1300, Volker Kuhlmann wrote: On Fri 12 Oct 2012 11:57:20 NZDT +1300, Jim Cheetham wrote: It would help, except for the fact that Evolution/GNOME(?) have simply ignored the whole use-case of I do not want Network Manager to manage my network, but I have not uninstalled it. NM is a user-based tool, which is very good if you have to use personal credentials to access the network (i.e. corporate wifi mainly, or most VPNs). NM is a complete total waste of disk space for VPN. Why? To make it connect, you need one more critical option in the openvpn configuration file to meet the security level of the openvpn server. Does NM allow you to put it in? Oh hells bells! We do not allow users to just add any odd configuration option - that's too dangerous, even as root, we need to nanny users to prevent them from shooting themselves in the foot. We know what's best for you(TM). Dickheads. Volker I do not use NM for my VPNs, just the main network connection. There is no requirement to do so for OpenVPN. So, it's a simple workaround in your case. Stupid, but simple. Steve -- Steve Holdoway BSc(Hons) MIITP http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature ___ Linux-users mailing list Linux-users@lists.canterbury.ac.nz http://lists.canterbury.ac.nz/mailman/listinfo/linux-users
Re: [Linux-users] WAS Chit chat Re: Testing List - please delete NOW Evolution connection
On Sat 13 Oct 2012 12:13:08 NZDT +1300, Steve Holdoway wrote: I do not use NM for my VPNs, just the main network connection. There is no requirement to do so for OpenVPN. How do you start your openvpn? I tried to do so directly, which works fine as far as extablishing the tunnel is concerned, but doesn't do anything about adjusting the routing table or the resolver list. Both essential for VPN use. I found kvpnc the only working solution, but it's too buggy to be too enthusiastic about. Volker -- Volker Kuhlmann http://volker.dnsalias.net/ Please do not CC list postings to me. ___ Linux-users mailing list Linux-users@lists.canterbury.ac.nz http://lists.canterbury.ac.nz/mailman/listinfo/linux-users
Re: [Linux-users] WAS Chit chat Re: Testing List - please delete NOW Evolution connection
On Sat, 2012-10-13 at 12:30 +1300, Volker Kuhlmann wrote: On Sat 13 Oct 2012 12:13:08 NZDT +1300, Steve Holdoway wrote: I do not use NM for my VPNs, just the main network connection. There is no requirement to do so for OpenVPN. How do you start your openvpn? I tried to do so directly, which works fine as far as extablishing the tunnel is concerned, but doesn't do anything about adjusting the routing table or the resolver list. Both essential for VPN use. I found kvpnc the only working solution, but it's too buggy to be too enthusiastic about. Volker Openvpn is started automagically at bootup. I'm still in the land of /etc/init.d/ wherever possible myself. Routing tables are modified from the server config on startup of that connection. look at the (eg) server 10.12.14.0 255.255.255.0 and (eg) push route 192.168.10.0 255.255.255.0 config settings to enable access to remote subnets as well. Some iptables forwarding on server may be necessary ( tun0 - eth0 or similar ), and static routing on ultimate servers on remote subnets if the OpenVPN server if it isn't the default route. ( or you can cheat and just masquerade all incoming connections over tun0 ). For DNS resolution, a google on /usr/share/openvpn/update-resolv-conf should provide you with all of the information necessary. (and not a clickety-click in sight (: ). Steve -- Steve Holdoway BSc(Hons) MIITP http://www.greengecko.co.nz MSN: st...@greengecko.co.nz Skype: sholdowa smime.p7s Description: S/MIME cryptographic signature ___ Linux-users mailing list Linux-users@lists.canterbury.ac.nz http://lists.canterbury.ac.nz/mailman/listinfo/linux-users
Re: [Linux-users] WAS Chit chat Re: Testing List - please delete NOW Evolution connection
On Sat 13 Oct 2012 13:01:28 NZDT +1300, Steve Holdoway wrote: Openvpn is started automagically at bootup. I'm still in the land of /etc/init.d/ wherever possible myself. Routing tables are modified from the server config on startup of that connection. look at the (eg) server 10.12.14.0 255.255.255.0 and (eg) push route 192.168.10.0 255.255.255.0 config settings to enable access to remote subnets as well. Some iptables forwarding on server may be necessary ( tun0 - eth0 or similar ), and static routing on ultimate servers on remote subnets if the OpenVPN server if it isn't the default route. ( or you can cheat and just masquerade all incoming connections over tun0 ). For DNS resolution, a google on /usr/share/openvpn/update-resolv-conf should provide you with all of the information necessary. (and not a clickety-click in sight (: ). Are you talking about the vpn server or client here? I was talking about the client. Thanks for the tips, I'll have another look. However init.d isn't an option - sometimes I neither need nor want the vpn. Volker -- Volker Kuhlmann http://volker.dnsalias.net/ Please do not CC list postings to me. ___ Linux-users mailing list Linux-users@lists.canterbury.ac.nz http://lists.canterbury.ac.nz/mailman/listinfo/linux-users
Re: [Linux-users] WAS Chit chat Re: Testing List - please delete NOW Evolution connection
Maybe this will help; https://live.gnome.org/Evolution/FAQ#Why_is_Evolution_offline_when_my_net_connection_is_working.3F On Thu, 11 Oct 2012, chris wrote: Which is my issue. I am on dial up, and I cannot get Evolution to go on line at all. As you say areal PITA. Also my tux skills are not good enough yet to know what I have to do to get it working. All help gratefully received. Regards Chris ___ Linux-users mailing list Linux-users@lists.canterbury.ac.nz http://lists.canterbury.ac.nz/mailman/listinfo/linux-users ___ Linux-users mailing list Linux-users@lists.canterbury.ac.nz http://lists.canterbury.ac.nz/mailman/listinfo/linux-users
Re: [Linux-users] WAS Chit chat Re: Testing List - please delete NOW Evolution connection
On Fri, Oct 12, 2012 at 11:42 AM, Ross Drummond r...@ashburton.co.nz wrote: On Thu, 11 Oct 2012, chris wrote: Which is my issue. I am on dial up, and I cannot get Evolution to go on line at all. As you say areal PITA. Maybe this will help; https://live.gnome.org/Evolution/FAQ#Why_is_Evolution_offline_when_my_net_connection_is_working.3F It would help, except for the fact that Evolution/GNOME(?) have simply ignored the whole use-case of I do not want Network Manager to manage my network, but I have not uninstalled it. NM is a user-based tool, which is very good if you have to use personal credentials to access the network (i.e. corporate wifi mainly, or most VPNs). However if you want the machine to be accessible on the network when no user is currently logged on, you're completely sunk and have to fall back on to other solutions ... like (debian)/etc/network/interfaces and so on. Their FAQ ends up with The solution is to configure NM to manage your network interface. Useless. All they needed was an option to say Force online. -jim ___ Linux-users mailing list Linux-users@lists.canterbury.ac.nz http://lists.canterbury.ac.nz/mailman/listinfo/linux-users
Re: [Linux-users] WAS Chit chat Re: Testing List - please delete NOW Evolution connection
On Fri, 2012-10-12 at 11:42 +1300, Ross Drummond wrote: Maybe this will help; https://live.gnome.org/Evolution/FAQ#Why_is_Evolution_offline_when_my_net_connection_is_working.3F On Thu, 11 Oct 2012, chris wrote: Which is my issue. I am on dial up, and I cannot get Evolution to go on line at all. As you say areal PITA. Also my tux skills are not good enough yet to know what I have to do to get it working. All help gratefully received. Regards Chris Thank you Ross, will follow that up. Many thanks Chris ___ Linux-users mailing list Linux-users@lists.canterbury.ac.nz http://lists.canterbury.ac.nz/mailman/listinfo/linux-users
Re: [Linux-users] WAS Chit chat Re: Testing List - please delete NOW Evolution connection
On Fri, 2012-10-12 at 11:57 +1300, Jim Cheetham wrote: On Fri, Oct 12, 2012 at 11:42 AM, Ross Drummond r...@ashburton.co.nz wrote: On Thu, 11 Oct 2012, chris wrote: Which is my issue. I am on dial up, and I cannot get Evolution to go on line at all. As you say areal PITA. Maybe this will help; https://live.gnome.org/Evolution/FAQ#Why_is_Evolution_offline_when_my_net_connection_is_working.3F It would help, except for the fact that Evolution/GNOME(?) have simply ignored the whole use-case of I do not want Network Manager to manage my network, but I have not uninstalled it. NM is a user-based tool, which is very good if you have to use personal credentials to access the network (i.e. corporate wifi mainly, or most VPNs). However if you want the machine to be accessible on the network when no user is currently logged on, you're completely sunk and have to fall back on to other solutions ... like (debian)/etc/network/interfaces and so on. Their FAQ ends up with The solution is to configure NM to manage your network interface. Useless. All they needed was an option to say Force online. -jim ___ Linux-users mailing list Linux-users@lists.canterbury.ac.nz http://lists.canterbury.ac.nz/mailman/listinfo/linux-users so, how do you do that? please? Chris ___ Linux-users mailing list Linux-users@lists.canterbury.ac.nz http://lists.canterbury.ac.nz/mailman/listinfo/linux-users
