Re: Feature request: vpn auto-connect

From: Matthew Saltzman <mjs ces clemson edu>
To: Dan Williams <dcbw redhat com>
Cc: networkmanager-list gnome org
Subject: Re: Feature request: vpn auto-connect
Date: Sun, 1 Oct 2006 13:33:12 -0400 (EDT)

On Sun, 1 Oct 2006, Dan Williams wrote:

On Fri, 2006-09-29 at 00:17 -0400, Golam Mortuza Hossain wrote:

Hi,

After two weeks of frustrating attempts to run nm, finally I could get
nm (0.6.2-linux2go) working in my z60t thinkpad (running kubuntu 6.06.1)
with wpa_supplicant (0.5.5) and latest madwifi-ng.  I am really amazed
with nm operations! Its really cool!!

In my institute, I need to connect through VPN.  With nm's vpnc plugin,
this is also hassle-free.  However, a problem arises when
wireless connection drops out. Although, nm reconnects to the wireless
network almost immediately but it doesn't run vpnc. So effectively machine
remains disconnected. Right now, I have to manually connect to VPN
every time it happens. So I would like to make a feature request for nm.

Would it be possible to have an association for a given VPN connection
with a given SSID? So if defined by user, nm would also auto-connect to
VPN after connecting to the given SSID.


Good point.  We had considered auto-connecting VPN in the early stages
of NM but that got dropped for various reasons.  It's now time to
revisit that.  Your suggestion sounds spot-on.  But let's generalize
that to associating a VPN connection with an NM Configuration (ie, a
collection of settings describing a specific network connection).  I'd
probably want to use a VPN over Bluetooth to my phone which connects to
Sprint using PPP, if just to access my Red Hat email from the middle of
Wisconsin, for example.

Meanwhile, if we really wanted this soon, we could make NM reconnect the
VPN automatically when the connection drops, but not if you explicitly
disabled it.  Somewhat harder than it looks because connection drops
aren't always distinguishable from other circumstances, but certainly
doable.


Unless I miss something, there are a couple of very different use cases
here:  (1) I'm on my own campus and wireless connections to the campus net
must be made through a VPN because WEP is deemed insecure. (2) I'm away
from my own campus (possibly anywhere) and must connect to the campus net
via VPN to reach firewalled resources.

For the former case, configuring VPN connect-on-start is a reasonable
solution, and it's known that if VPN-on-start is set then VPN-on-reconnect
is the right thing to do.

For the latter case, one really wants some sort of automatic
reconnect-in-last-state.  I connect to lots of WAPs, but I only use my VPN
if I need to get to university-internal stuff behind the firewall.  If I
were connected via VPN and the connection dropped, I'd want to
re-establish the VPN connection automatically, but I don't want to set it
to start or not per access point.  (Some people may want that feature and
that's fine, but I'd leave VPN off by default on all my connections for
which case 1 doesn't apply.)

How would it work to say this:  If the last state when connected was VPN
up and you reconnect to the same SSID within some time period (order of a
few minutes, maybe settable), then restart the VPN on reconnection.

--
		Matthew Saltzman

Clemson University Math Sciences
mjs AT clemson DOT edu
http://www.math.clemson.edu/~mjs

Follow-Ups:
- Re: Feature request: vpn auto-connect
  - From: Golam Mortuza Hossain

References:
- Re: Feature request: vpn auto-connect
  - From: Dan Williams

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]