This forum has been archived. All content is frozen. Please use KDE Discuss instead.

OpenVPN through Knetworkmanager connects to localhost

Page 1 of 1 (4 posts)

Tags: None
(comma "," separated)
User avatar
pavel
Registered Member
Posts
134
Karma
1
OS

OpenVPN through Knetworkmanager connects to localhost

Mon Jan 03, 2011 9:23 am
Hello.

As I understand, I an to set up my openVPN server in OpenVPN/gateway. I have entered all the data to configure OpenVPN connection. In /var/iog/NetworkManager I have

Code: Select all
Jan  3 12:09:52 pavel-work NetworkManager: <info>  Starting VPN service 'org.freedesktop.NetworkManager.openvpn'...
Jan  3 12:09:52 pavel-work NetworkManager: <info>  VPN service 'org.freedesktop.NetworkManager.openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 27076
Jan  3 12:09:52 pavel-work NetworkManager: <info>  VPN service 'org.freedesktop.NetworkManager.openvpn' just appeared, activating connections
Jan  3 12:09:52 pavel-work NetworkManager: <info>  VPN plugin state changed: 1
Jan  3 12:09:52 pavel-work NetworkManager: <info>  VPN plugin state changed: 3
Jan  3 12:09:52 pavel-work NetworkManager: <info>  VPN connection 'VPN connection' (Connect) reply received.
Jan  3 12:09:52 pavel-work nm-openvpn[27078]: OpenVPN 2.1.1 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Jul  5 2010
Jan  3 12:09:53 pavel-work nm-openvpn[27078]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Jan  3 12:09:53 pavel-work nm-openvpn[27078]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jan  3 12:10:32 pavel-work NetworkManager: <info>  VPN connection 'VPN connection' (IP Config Get) timeout exceeded.
Jan  3 12:10:32 pavel-work nm-openvpn[27078]: ERROR: could not read Private Key username/password/ok/string from management interface
Jan  3 12:10:32 pavel-work nm-openvpn[27078]: Exiting
Jan  3 12:10:32 pavel-work NetworkManager: <debug> [1294045832.745117] run_netconfig(): Spawning '/sbin/netconfig modify --service NetworkManager'
Jan  3 12:10:32 pavel-work NetworkManager: <debug> [1294045832.746219] write_to_netconfig(): Writing to netconfig: INTERFACE='eth0'#012
Jan  3 12:10:32 pavel-work NetworkManager: <debug> [1294045832.746250] write_to_netconfig(): Writing to netconfig: DNSSEARCH='my.domain.com'#012
Jan  3 12:10:32 pavel-work NetworkManager: <debug> [1294045832.746267] write_to_netconfig(): Writing to netconfig: DNSSERVERS='10.0.1.1 10.0.1.4'#012
Jan  3 12:10:32 pavel-work NetworkManager: <info>  Clearing nscd hosts cache.
Jan  3 12:10:32 pavel-work NetworkManager: <info>  Policy set 'Auto eth0' (eth0) as default for routing and DNS.
Jan  3 12:10:44 pavel-work NetworkManager: <debug> [1294045844.739704] ensure_killed(): waiting for vpn service pid 27076 to exit
Jan  3 12:10:44 pavel-work NetworkManager: <debug> [1294045844.739783] ensure_killed(): vpn service pid 27076 cleaned up


Sniffing of packets to port 1194 shows, that network manager tries to connect to localhost instead of my vpn server:
Code: Select all
12:09:53.149454 IP localhost.54532 > localhost.openvpn: Flags [S], seq 934148419, win 32792, options [mss 16396,sackOK,TS val 1385478063 ecr 0,nop,wscale 6], length 0
12:09:53.149473 IP localhost.openvpn > localhost.54532: Flags [S.], seq 919917540, ack 934148420, win 32768, options [mss 16396,sackOK,TS val 1385478063 ecr 1385478063,nop,wscale 6], length 0
12:09:53.149484 IP localhost.54532 > localhost.openvpn: Flags [.], ack 1, win 513, options [nop,nop,TS val 1385478063 ecr 1385478063], length 0
12:09:53.149555 IP localhost.openvpn > localhost.54532: Flags [P.], seq 1:76, ack 1, win 512, options [nop,nop,TS val 1385478063 ecr 1385478063], length 75
12:09:53.149564 IP localhost.54532 > localhost.openvpn: Flags [.], ack 76, win 513, options [nop,nop,TS val 1385478063 ecr 1385478063], length 0
12:09:53.149576 IP localhost.openvpn > localhost.54532: Flags [P.], seq 76:117, ack 1, win 512, options [nop,nop,TS val 1385478063 ecr 1385478063], length 41
12:09:53.149580 IP localhost.54532 > localhost.openvpn: Flags [.], ack 117, win 513, options [nop,nop,TS val 1385478063 ecr 1385478063], length 0
12:09:53.149819 IP localhost.54532 > localhost.openvpn: Flags [P.], seq 1:54, ack 117, win 513, options [nop,nop,TS val 1385478063 ecr 1385478063], length 53
12:09:53.149826 IP localhost.openvpn > localhost.54532: Flags [.], ack 54, win 512, options [nop,nop,TS val 1385478063 ecr 1385478063], length 0
12:09:53.149860 IP localhost.openvpn > localhost.54532: Flags [P.], seq 117:173, ack 54, win 512, options [nop,nop,TS val 1385478063 ecr 1385478063], length 56
12:09:53.189518 IP localhost.54532 > localhost.openvpn: Flags [.], ack 173, win 513, options [nop,nop,TS val 1385478103 ecr 1385478063], length 0
12:09:53.189539 IP localhost.openvpn > localhost.54532: Flags [P.], seq 173:268, ack 54, win 512, options [nop,nop,TS val 1385478103 ecr 1385478103], length 95
12:09:53.189547 IP localhost.54532 > localhost.openvpn: Flags [.], ack 268, win 513, options [nop,nop,TS val 1385478103 ecr 1385478103], length 0

So, something is wrong. Any ideas?

pavel, proud to be a member of KDE forums since 2008-Dec.
User avatar
bcooksley
Administrator
Posts
19765
Karma
87
OS

Re: OpenVPN through Knetworkmanager connects to localhost

Mon Jan 03, 2011 10:05 am
The following message indicates issues:
Code: Select all
Jan  3 12:10:32 pavel-work nm-openvpn[27078]: ERROR: could not read Private Key username/password/ok/string from management interface


Can you please confirm the settings you have provided to Network Management are complete?

KDE Sysadmin
[img]content/bcooksley_sig.png[/img]
User avatar
pavel
Registered Member
Posts
134
Karma
1
OS

Re: OpenVPN through Knetworkmanager connects to localhost

Mon Jan 03, 2011 10:07 am
Problem solved by using non-cyphered private key. Is there any way to use passhprase-protected private keys in KNetworkManager?

pavel, proud to be a member of KDE forums since 2008-Dec.
User avatar
bcooksley
Administrator
Posts
19765
Karma
87
OS

Re: OpenVPN through Knetworkmanager connects to localhost

Mon Jan 03, 2011 10:08 am
Not sure, given the message it may not yet be supported. Please file a feature request/bug report at bugs.kde.org.

KDE Sysadmin
[img]content/bcooksley_sig.png[/img]

Page 1 of 1 (4 posts)

Bookmarks


Who is online

Registered users: Bing [Bot], Google [Bot], Yahoo [Bot]