On Mon, 2021-06-14 at 17:52 +, Samuel Le Thiec via networkmanager-list
wrote:
> Hello again:)
>
> I encountered two problems with an openvpn client conf having several remotes.
>
> The first problem occurs when importing a openvpn client config having
> multiple remotes
> mixing udp & tcp and using the "implicit udp syntax":
>
> $ grep ^remote openvpn.conf
> remote ovpn.mydomain.com
> remote ovpn.mydomain.com 53
> remote ovpn.mydomain.com 1194 tcp
>
> When imported in Network Manager, this translates to (in the vpn settings:
> Identity →
> General → Gateway) :
> ovpn.mydomain.com, ovpn.mydomain.com:53, ovpn.mydomain.com:1194:tcp
>
> When I try to enable the vpn connection, it goes back to being disabled
> immediately.
> Here
> is the error message I can see in the journal:
> Options error: --explicit-exit-notify can only be used with --proto udp
>
> Now, if I change the gateway vpn setting to:
> ovpn.mydomain.com:1194:udp, ovpn.mydomain.com:53:udp,
> ovpn.mydomain.com:1194:tcp
>
> Then, I can enable the vpn and it looks like it's working...
>
> **BUT**
>
> When I look closer, the fallback/try on the other remotes does not seem to
> work: on the
> journal, I can see the tries on the first remote (IPv6, then IPv4), then I
> see this log
> entry:
>
> Jun 14 19:44:31 nsfw nm-openvpn-serv[333567]: Connect timer expired,
> disconnecting.
>
> This "fallback mechanism" works fine when invoking openvpn directly. Is there
> something
> else to do to have it working with Network Manager?
Hello,
I just would like to make sure this message does not get lost in the way.
Let me summarise it, I think there is two problems with the openvpn
functionnality within
Network Manager :
1. When importing an openvpn config file: NM can't start a openvpn
'connection' with a
remote using implicit UDP notation and a tcp (server1:port1
server2:port2:tcp) (see
above)
2. The fallback mechanism does not seem to work with NetworkManager,
probably because
it takes too long and NM tags the connection as failing: is there a way
to force it
to continue trying indefinitely?
Thank you,
samuel
>
> Any help greatly appreciated!
>
> Thanks,
>
> samuel
>
> PS: I'm using:
>
> $ NetworkManager --version
> 1.30.4-1.fc34
>
>
> ___
> networkmanager-list mailing list
> networkmanager-list@gnome.org
> https://mail.gnome.org/mailman/listinfo/networkmanager-list
___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list