Re: VPN connections in NetworkManager have strange behaviour

[Dan Williams <dcbw redhat com>]

On Fri, 2009-05-15 at 09:35 +0200, Axel wrote:
> Le 14/05/2009 23:13, Dan Williams a écrit :
> > Is the remote VPN server passing the netmask down to the client?  vpnc
> > should export the netmask in the environment of the handler it runs
> > after connecting, in the INTERNAL_IP4_NETMASK variable.
> > NetworkManager-vpnc looks for that, and if its found, it will use that
> > value.  So it could be a misconfiguration of your vpn concentrator.
> >
> > If that value is *not* present, NM will default to a /24, which could be
> > what's happening here.  That may be wrong, yes.  But first lets verify
> > what the VPN client is returning.  One way to do this is to
> > move /usr/libexec/nm-vpnc-service-vpnc-helper
> > to /usr/libexec/nm-vpnc-service-vpnc-helper.ORIG, then put a small
> > wrapper script at /usr/libexec/nm-vpnc-service-vpnc-helper that contains
> > something like:
> >
> > #!/bin/sh
> > env>  /tmp/vpn-env
> > /usr/libexec/nm-vpnc-service-vpnc-helper.ORIG $@
> >
> > and make that script executable, then connect.  That should dump the
> > environment to the file /tmp/vpn-env which will allow us to figure this
> > out.
> >
> > Dan
> >
> >
> >
> 
> Here is the content of the generated file :
> 
> TERM=linux
> reason=connect
> TUNDEV=tun0
> PATH=/sbin:/usr/sbin:/bin:/usr/bin
> runlevel=5
> RUNLEVEL=5
> _=/bin/env
> UPSTART_EVENT=runlevel
> LANGSH_SOURCED=1
> PWD=/
> VPNGATEWAY=62.39.X.X
> LANG=fr_FR.UTF-8
> previous=N
> PREVLEVEL=N
> CONSOLETYPE=vt
> SHLVL=5
> UPSTART_JOB=rc5
> INTERNAL_IP4_ADDRESS=10.240.200.10
> UPSTART_JOB_ID=10

Ugh.  Since it is a TUN device, we probably should be defaulting to
a /32 in NetworkManager-vpnc.  Any chance you could ask your admin to
fix the VPN settings?  Technically it is a bug in the setup; no way to
know what the netmask is if the admin doesn't pass one.

Dan