Public bug reported:
Following the copious examples, I am trying to setup an openvpn client
on 16.04 and when I try to import the client.ovpn file I get the same
gateway name entered a bunch of times and none of the cert information
filled out using the network management applet.
When I fill out the details manually it just tries really hard and
eventually fails (where can I find logs?)
When I try to connect from the shell, everything seems to go fine but no
traffic goes through the tunnel even though a tun0 adapter exists.
To reproduce (this assumes openvpn support is already installed):
1) export client.ovpn from an existing OpenVPN server
2) Open the network manager applet (top right of the gnome UI).
3) Add a VPN connection
4) Import (last choice at the bottom)
5) Select the ovpn file from step 1
6) Dialog is completely misconfigured. No certs are imported and the host for
the VPN is comma repeated several times
There doesn't seem to be any problem with the server based on the below
output (for testing)
root@christian:~# openvpn --client --config client.ovpn
Tue Mar 1 11:19:11 2016 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)]
[LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Apr 13 2015
Enter Auth Username: *********
Enter Auth Password: *********
Tue Mar 1 11:19:16 2016 Control Channel Authentication: tls-auth using INLINE
static key file
Tue Mar 1 11:19:16 2016 Outgoing Control Channel Authentication: Using 160 bit
message hash 'SHA1' for HMAC authentication
Tue Mar 1 11:19:16 2016 Incoming Control Channel Authentication: Using 160 bit
message hash 'SHA1' for HMAC authentication
Tue Mar 1 11:19:16 2016 Socket Buffers: R=[212992->200000] S=[212992->200000]
Tue Mar 1 11:19:16 2016 UDPv4 link local: [undef]
Tue Mar 1 11:19:16 2016 UDPv4 link remote: [AF_INET]52.25.249.104:1194
Tue Mar 1 11:19:16 2016 TLS: Initial packet from [AF_INET]52.25.249.104:1194,
sid=140c4d57 ee7ea275
Tue Mar 1 11:19:16 2016 WARNING: this configuration may cache passwords in
memory -- use the auth-nocache option to prevent this
Tue Mar 1 11:19:18 2016 VERIFY OK: depth=1, CN=OpenVPN CA
Tue Mar 1 11:19:18 2016 VERIFY OK: nsCertType=SERVER
Tue Mar 1 11:19:18 2016 VERIFY OK: depth=0, CN=OpenVPN Server
Tue Mar 1 11:19:19 2016 Data Channel Encrypt: Cipher 'BF-CBC' initialized with
128 bit key
Tue Mar 1 11:19:19 2016 Data Channel Encrypt: Using 160 bit message hash
'SHA1' for HMAC authentication
Tue Mar 1 11:19:19 2016 Data Channel Decrypt: Cipher 'BF-CBC' initialized with
128 bit key
Tue Mar 1 11:19:19 2016 Data Channel Decrypt: Using 160 bit message hash
'SHA1' for HMAC authentication
Tue Mar 1 11:19:19 2016 Control Channel: TLSv1, cipher TLSv1/SSLv3
ECDHE-RSA-AES256-SHA, 2048 bit RSA
Tue Mar 1 11:19:19 2016 [OpenVPN Server] Peer Connection Initiated with
[AF_INET]52.25.249.104:1194
Tue Mar 1 11:19:21 2016 SENT CONTROL [OpenVPN Server]: 'PUSH_REQUEST'
(status=1)
Tue Mar 1 11:19:21 2016 PUSH: Received control message:
'PUSH_REPLY,explicit-exit-notify,topology subnet,route-delay 5
30,dhcp-pre-release,dhcp-renew,dhcp-release,route-metric 101,ping
12,ping-restart 50,auth-token SESS_ID,comp-lzo yes,redirect-private
def1,redirect-private bypass-dhcp,redirect-private autolocal,route-gateway
172.27.248.1,route 172.27.224.0 255.255.240.0,route 10.0.0.0
255.254.0.0,dhcp-option DNS 10.0.0.2,register-dns,block-ipv6,ifconfig
172.27.248.54 255.255.248.0'
Tue Mar 1 11:19:21 2016 Unrecognized option or missing parameter(s) in
[PUSH-OPTIONS]:4: dhcp-pre-release (2.3.2)
Tue Mar 1 11:19:21 2016 Unrecognized option or missing parameter(s) in
[PUSH-OPTIONS]:5: dhcp-renew (2.3.2)
Tue Mar 1 11:19:21 2016 Unrecognized option or missing parameter(s) in
[PUSH-OPTIONS]:6: dhcp-release (2.3.2)
Tue Mar 1 11:19:21 2016 Unrecognized option or missing parameter(s) in
[PUSH-OPTIONS]:19: register-dns (2.3.2)
Tue Mar 1 11:19:21 2016 Unrecognized option or missing parameter(s) in
[PUSH-OPTIONS]:20: block-ipv6 (2.3.2)
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: timers and/or timeouts modified
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: explicit notify parm(s) modified
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: LZO parms modified
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: --ifconfig/up options modified
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: route options modified
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: route-related options modified
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option
options modified
Tue Mar 1 11:19:21 2016 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=wlan0
HWADDR=10:02:b5:82:e5:d8
Tue Mar 1 11:19:21 2016 TUN/TAP device tun0 opened
Tue Mar 1 11:19:21 2016 TUN/TAP TX queue length set to 100
Tue Mar 1 11:19:21 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Tue Mar 1 11:19:21 2016 /sbin/ip link set dev tun0 up mtu 1500
Tue Mar 1 11:19:21 2016 /sbin/ip addr add dev tun0 172.27.248.54/21 broadcast
172.27.255.255
Tue Mar 1 11:19:27 2016 ROUTE remote_host is NOT LOCAL
Tue Mar 1 11:19:27 2016 /sbin/ip route add 52.25.249.104/32 via 192.168.1.1
Tue Mar 1 11:19:27 2016 /sbin/ip route add 172.27.224.0/20 via 172.27.248.1
metric 101
Tue Mar 1 11:19:27 2016 /sbin/ip route add 10.0.0.0/15 via 172.27.248.1 metric
101
Tue Mar 1 11:19:27 2016 Initialization Sequence Completed
root@christian:~# ifconfig tun0
tun0 Link encap:UNSPEC HWaddr
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:172.27.248.54 P-t-P:172.27.248.54 Mask:255.255.248.0
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
root@christian:~#
** Affects: ubuntu
Importance: Undecided
Status: New
** Description changed:
Following the copious examples, I am trying to setup an openvpn client
- on 15.04 and when I try to import the client.ovpn file I get the same
+ on 16.04 and when I try to import the client.ovpn file I get the same
gateway name entered a bunch of times and none of the cert information
filled out using the network management applet.
When I fill out the details manually it just tries really hard and
eventually fails (where can I find logs?)
When I try to connect from the shell, everything seems to go fine but no
traffic goes through the tunnel even though a tun0 adapter exists.
To reproduce (this assumes openvpn support is already installed):
1) export client.ovpn from an existing OpenVPN server
- 2) Open the network manager applet (top right of the gnome UI).
+ 2) Open the network manager applet (top right of the gnome UI).
3) Add a VPN connection
4) Import (last choice at the bottom)
5) Select the ovpn file from step 1
6) Dialog is completely misconfigured. No certs are imported and the host for
the VPN is comma repeated several times
-
- root@christian:~# openvpn --client --config client.ovpn
+ root@christian:~# openvpn --client --config client.ovpn
Tue Mar 1 11:19:11 2016 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)]
[LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Apr 13 2015
Enter Auth Username: *********
Enter Auth Password: *********
Tue Mar 1 11:19:16 2016 Control Channel Authentication: tls-auth using
INLINE static key file
Tue Mar 1 11:19:16 2016 Outgoing Control Channel Authentication: Using 160
bit message hash 'SHA1' for HMAC authentication
Tue Mar 1 11:19:16 2016 Incoming Control Channel Authentication: Using 160
bit message hash 'SHA1' for HMAC authentication
Tue Mar 1 11:19:16 2016 Socket Buffers: R=[212992->200000] S=[212992->200000]
Tue Mar 1 11:19:16 2016 UDPv4 link local: [undef]
Tue Mar 1 11:19:16 2016 UDPv4 link remote: [AF_INET]52.25.249.104:1194
Tue Mar 1 11:19:16 2016 TLS: Initial packet from
[AF_INET]52.25.249.104:1194, sid=140c4d57 ee7ea275
Tue Mar 1 11:19:16 2016 WARNING: this configuration may cache passwords in
memory -- use the auth-nocache option to prevent this
Tue Mar 1 11:19:18 2016 VERIFY OK: depth=1, CN=OpenVPN CA
Tue Mar 1 11:19:18 2016 VERIFY OK: nsCertType=SERVER
Tue Mar 1 11:19:18 2016 VERIFY OK: depth=0, CN=OpenVPN Server
Tue Mar 1 11:19:19 2016 Data Channel Encrypt: Cipher 'BF-CBC' initialized
with 128 bit key
Tue Mar 1 11:19:19 2016 Data Channel Encrypt: Using 160 bit message hash
'SHA1' for HMAC authentication
Tue Mar 1 11:19:19 2016 Data Channel Decrypt: Cipher 'BF-CBC' initialized
with 128 bit key
Tue Mar 1 11:19:19 2016 Data Channel Decrypt: Using 160 bit message hash
'SHA1' for HMAC authentication
Tue Mar 1 11:19:19 2016 Control Channel: TLSv1, cipher TLSv1/SSLv3
ECDHE-RSA-AES256-SHA, 2048 bit RSA
Tue Mar 1 11:19:19 2016 [OpenVPN Server] Peer Connection Initiated with
[AF_INET]52.25.249.104:1194
Tue Mar 1 11:19:21 2016 SENT CONTROL [OpenVPN Server]: 'PUSH_REQUEST'
(status=1)
Tue Mar 1 11:19:21 2016 PUSH: Received control message:
'PUSH_REPLY,explicit-exit-notify,topology subnet,route-delay 5
30,dhcp-pre-release,dhcp-renew,dhcp-release,route-metric 101,ping
12,ping-restart 50,auth-token SESS_ID,comp-lzo yes,redirect-private
def1,redirect-private bypass-dhcp,redirect-private autolocal,route-gateway
172.27.248.1,route 172.27.224.0 255.255.240.0,route 10.0.0.0
255.254.0.0,dhcp-option DNS 10.0.0.2,register-dns,block-ipv6,ifconfig
172.27.248.54 255.255.248.0'
Tue Mar 1 11:19:21 2016 Unrecognized option or missing parameter(s) in
[PUSH-OPTIONS]:4: dhcp-pre-release (2.3.2)
Tue Mar 1 11:19:21 2016 Unrecognized option or missing parameter(s) in
[PUSH-OPTIONS]:5: dhcp-renew (2.3.2)
Tue Mar 1 11:19:21 2016 Unrecognized option or missing parameter(s) in
[PUSH-OPTIONS]:6: dhcp-release (2.3.2)
Tue Mar 1 11:19:21 2016 Unrecognized option or missing parameter(s) in
[PUSH-OPTIONS]:19: register-dns (2.3.2)
Tue Mar 1 11:19:21 2016 Unrecognized option or missing parameter(s) in
[PUSH-OPTIONS]:20: block-ipv6 (2.3.2)
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: timers and/or timeouts modified
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: explicit notify parm(s) modified
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: LZO parms modified
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: --ifconfig/up options modified
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: route options modified
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: route-related options modified
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option
options modified
Tue Mar 1 11:19:21 2016 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=wlan0
HWADDR=10:02:b5:82:e5:d8
Tue Mar 1 11:19:21 2016 TUN/TAP device tun0 opened
Tue Mar 1 11:19:21 2016 TUN/TAP TX queue length set to 100
Tue Mar 1 11:19:21 2016 do_ifconfig, tt->ipv6=0,
tt->did_ifconfig_ipv6_setup=0
Tue Mar 1 11:19:21 2016 /sbin/ip link set dev tun0 up mtu 1500
Tue Mar 1 11:19:21 2016 /sbin/ip addr add dev tun0 172.27.248.54/21
broadcast 172.27.255.255
Tue Mar 1 11:19:27 2016 ROUTE remote_host is NOT LOCAL
Tue Mar 1 11:19:27 2016 /sbin/ip route add 52.25.249.104/32 via 192.168.1.1
Tue Mar 1 11:19:27 2016 /sbin/ip route add 172.27.224.0/20 via 172.27.248.1
metric 101
Tue Mar 1 11:19:27 2016 /sbin/ip route add 10.0.0.0/15 via 172.27.248.1
metric 101
Tue Mar 1 11:19:27 2016 Initialization Sequence Completed
root@christian:~# ifconfig tun0
- tun0 Link encap:UNSPEC HWaddr
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
- inet addr:172.27.248.54 P-t-P:172.27.248.54 Mask:255.255.248.0
- UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
- RX packets:0 errors:0 dropped:0 overruns:0 frame:0
- TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
- collisions:0 txqueuelen:100
- RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
+ tun0 Link encap:UNSPEC HWaddr
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
+ inet addr:172.27.248.54 P-t-P:172.27.248.54 Mask:255.255.248.0
+ UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
+ RX packets:0 errors:0 dropped:0 overruns:0 frame:0
+ TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
+ collisions:0 txqueuelen:100
+ RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
root@christian:~#
** Description changed:
Following the copious examples, I am trying to setup an openvpn client
on 16.04 and when I try to import the client.ovpn file I get the same
gateway name entered a bunch of times and none of the cert information
filled out using the network management applet.
When I fill out the details manually it just tries really hard and
eventually fails (where can I find logs?)
When I try to connect from the shell, everything seems to go fine but no
traffic goes through the tunnel even though a tun0 adapter exists.
To reproduce (this assumes openvpn support is already installed):
1) export client.ovpn from an existing OpenVPN server
2) Open the network manager applet (top right of the gnome UI).
3) Add a VPN connection
4) Import (last choice at the bottom)
5) Select the ovpn file from step 1
6) Dialog is completely misconfigured. No certs are imported and the host for
the VPN is comma repeated several times
+
+ There doesn't seem to be any problem with the server based on the below
+ output (for testing)
root@christian:~# openvpn --client --config client.ovpn
Tue Mar 1 11:19:11 2016 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)]
[LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Apr 13 2015
Enter Auth Username: *********
Enter Auth Password: *********
Tue Mar 1 11:19:16 2016 Control Channel Authentication: tls-auth using
INLINE static key file
Tue Mar 1 11:19:16 2016 Outgoing Control Channel Authentication: Using 160
bit message hash 'SHA1' for HMAC authentication
Tue Mar 1 11:19:16 2016 Incoming Control Channel Authentication: Using 160
bit message hash 'SHA1' for HMAC authentication
Tue Mar 1 11:19:16 2016 Socket Buffers: R=[212992->200000] S=[212992->200000]
Tue Mar 1 11:19:16 2016 UDPv4 link local: [undef]
Tue Mar 1 11:19:16 2016 UDPv4 link remote: [AF_INET]52.25.249.104:1194
Tue Mar 1 11:19:16 2016 TLS: Initial packet from
[AF_INET]52.25.249.104:1194, sid=140c4d57 ee7ea275
Tue Mar 1 11:19:16 2016 WARNING: this configuration may cache passwords in
memory -- use the auth-nocache option to prevent this
Tue Mar 1 11:19:18 2016 VERIFY OK: depth=1, CN=OpenVPN CA
Tue Mar 1 11:19:18 2016 VERIFY OK: nsCertType=SERVER
Tue Mar 1 11:19:18 2016 VERIFY OK: depth=0, CN=OpenVPN Server
Tue Mar 1 11:19:19 2016 Data Channel Encrypt: Cipher 'BF-CBC' initialized
with 128 bit key
Tue Mar 1 11:19:19 2016 Data Channel Encrypt: Using 160 bit message hash
'SHA1' for HMAC authentication
Tue Mar 1 11:19:19 2016 Data Channel Decrypt: Cipher 'BF-CBC' initialized
with 128 bit key
Tue Mar 1 11:19:19 2016 Data Channel Decrypt: Using 160 bit message hash
'SHA1' for HMAC authentication
Tue Mar 1 11:19:19 2016 Control Channel: TLSv1, cipher TLSv1/SSLv3
ECDHE-RSA-AES256-SHA, 2048 bit RSA
Tue Mar 1 11:19:19 2016 [OpenVPN Server] Peer Connection Initiated with
[AF_INET]52.25.249.104:1194
Tue Mar 1 11:19:21 2016 SENT CONTROL [OpenVPN Server]: 'PUSH_REQUEST'
(status=1)
Tue Mar 1 11:19:21 2016 PUSH: Received control message:
'PUSH_REPLY,explicit-exit-notify,topology subnet,route-delay 5
30,dhcp-pre-release,dhcp-renew,dhcp-release,route-metric 101,ping
12,ping-restart 50,auth-token SESS_ID,comp-lzo yes,redirect-private
def1,redirect-private bypass-dhcp,redirect-private autolocal,route-gateway
172.27.248.1,route 172.27.224.0 255.255.240.0,route 10.0.0.0
255.254.0.0,dhcp-option DNS 10.0.0.2,register-dns,block-ipv6,ifconfig
172.27.248.54 255.255.248.0'
Tue Mar 1 11:19:21 2016 Unrecognized option or missing parameter(s) in
[PUSH-OPTIONS]:4: dhcp-pre-release (2.3.2)
Tue Mar 1 11:19:21 2016 Unrecognized option or missing parameter(s) in
[PUSH-OPTIONS]:5: dhcp-renew (2.3.2)
Tue Mar 1 11:19:21 2016 Unrecognized option or missing parameter(s) in
[PUSH-OPTIONS]:6: dhcp-release (2.3.2)
Tue Mar 1 11:19:21 2016 Unrecognized option or missing parameter(s) in
[PUSH-OPTIONS]:19: register-dns (2.3.2)
Tue Mar 1 11:19:21 2016 Unrecognized option or missing parameter(s) in
[PUSH-OPTIONS]:20: block-ipv6 (2.3.2)
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: timers and/or timeouts modified
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: explicit notify parm(s) modified
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: LZO parms modified
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: --ifconfig/up options modified
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: route options modified
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: route-related options modified
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option
options modified
Tue Mar 1 11:19:21 2016 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=wlan0
HWADDR=10:02:b5:82:e5:d8
Tue Mar 1 11:19:21 2016 TUN/TAP device tun0 opened
Tue Mar 1 11:19:21 2016 TUN/TAP TX queue length set to 100
Tue Mar 1 11:19:21 2016 do_ifconfig, tt->ipv6=0,
tt->did_ifconfig_ipv6_setup=0
Tue Mar 1 11:19:21 2016 /sbin/ip link set dev tun0 up mtu 1500
Tue Mar 1 11:19:21 2016 /sbin/ip addr add dev tun0 172.27.248.54/21
broadcast 172.27.255.255
Tue Mar 1 11:19:27 2016 ROUTE remote_host is NOT LOCAL
Tue Mar 1 11:19:27 2016 /sbin/ip route add 52.25.249.104/32 via 192.168.1.1
Tue Mar 1 11:19:27 2016 /sbin/ip route add 172.27.224.0/20 via 172.27.248.1
metric 101
Tue Mar 1 11:19:27 2016 /sbin/ip route add 10.0.0.0/15 via 172.27.248.1
metric 101
Tue Mar 1 11:19:27 2016 Initialization Sequence Completed
root@christian:~# ifconfig tun0
tun0 Link encap:UNSPEC HWaddr
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:172.27.248.54 P-t-P:172.27.248.54 Mask:255.255.248.0
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
root@christian:~#
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1552869
Title:
openvpn in network manager app doesn't import/connect
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+bug/1552869/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
