Re: OpenVPN Client on Ubuntu

From: Dan Williams <dcbw redhat com>
To: sdevine <sdevine comcast net>
Cc: NetworkManager-list gnome org
Subject: Re: OpenVPN Client on Ubuntu
Date: Thu, 26 Jun 2008 14:57:51 -0400
On Wed, 2008-06-25 at 11:09 -0700, sdevine wrote:
> 
> Darren Albers wrote:
> > 
> > On Dec 3, 2007 5:01 PM, MrDetermination <mrd mrdetermination com> wrote:
> >> # Tunnel options
> >> mode server       # Set OpenVPN major mode
> >> proto udp         # Setup the protocol (server)
> >> port xxxx         # TCP/UDP port number
> >> dev tap0          # TUN/TAP virtual network device
> >> keepalive 15 60   # Simplify the expression of --ping
> >> daemon            # Become a daemon after all initialization
> >> verb 3            # Set output verbosity to n
> >> comp-lzo          # Use fast LZO compression
> >>
> >> # OpenVPN server mode options
> >> client-to-client  # tells OpenVPN to internally route client-to-client
> >> traffic
> >> duplicate-cn      # Allow multiple clients with the same common name
> >>
> >> # TLS Mode Options
> >> tls-server        # Enable TLS and assume server role during TLS
> >> handshake
> >> ca ca.crt         # Certificate authority (CA) file
> >> dh dh1024.pem     # File containing Diffie Hellman parameters
> >> cert server.crt   # Local peer's signed certificate
> >> key server.key    # Local peer's private key
> > 
> > <snip>
> > 
> > That config should work without a problem...  It is very similar to my
> > config.  Did you select use LZO Compression and Use TAP Device on the
> > optional tab?   Also try commenting out tls-server and see if it
> > works.
> > _______________________________________________
> > NetworkManager-list mailing list
> > NetworkManager-list gnome org
> > http://mail.gnome.org/mailman/listinfo/networkmanager-list
> > 
> > 
> 
> I believe I am having the same problem on Hardy.  While following the same
> dd-wrt tutorial, launching openvpn from the command line works, but
> networkmanager pops up a dialog with the message "The VPN login failed
> because the VPN program received an invalid configuration from the VPN
> server."
> 
> The only additional information I could find was an error about not
> obtaining an IP address from the server in my syslog (pasted below).

Yeah, we need an IP address for the local side of the tunnel.  Any idea
how that's sent in your local OpenVPN server config?  i.e. what
environment variable an openvpn hook script would use to set the IP
address on the local interface.  Currently that's pulled from
'ifconfig_local'.

Dan

> 
> 
> > Jun 25 11:25:40 briere NetworkManager: <info>  Will activate VPN
> > connection 'Westbrook', service 'org.freedesktop.NetworkManager.openvpn',
> > user_name 'sdevine', vpn_data 'connection-type / x509 / dev / tap / remote
> > / hostname.removed / port / 1194 / proto / udp / servercert-insecure / no
> > / ca / /home/sdevine/vpn/ca.crt / cert / /home/sdevine/vpn/briere.crt /
> > key / /home/sdevine/vpn/briere.key / comp-lzo / yes / shared-key /  /
> > local-ip /  / remote-ip /  / username / ', route ''. 
> > Jun 25 11:25:40 briere NetworkManager: <info>  VPN Activation (Westbrook)
> > Stage 1 of 4 (Connection Prepare) scheduled... 
> > Jun 25 11:25:40 briere NetworkManager: <info>  VPN Activation (Westbrook)
> > Stage 1 of 4 (Connection Prepare) ran VPN service daemon
> > org.freedesktop.NetworkManager.openvpn (PID 13739) 
> > Jun 25 11:25:40 briere NetworkManager: <info>  VPN Activation (Westbrook)
> > Stage 1 of 4 (Connection Prepare) complete. 
> > Jun 25 11:25:40 briere NetworkManager: <info>  VPN Activation (Westbrook)
> > Stage 2 of 4 (Connection Prepare Wait) scheduled... 
> > Jun 25 11:25:40 briere NetworkManager: <info>  VPN service
> > 'org.freedesktop.NetworkManager.openvpn' signaled state change 1 -> 6. 
> > Jun 25 11:25:40 briere NetworkManager: <info>  VPN Activation (Westbrook)
> > Stage 2 of 4 (Connection Prepare Wait) waiting... 
> > Jun 25 11:25:40 briere NetworkManager: <info>  VPN Activation (Westbrook)
> > Stage 2 of 4 (Connection Prepare Wait) complete. 
> > Jun 25 11:25:40 briere NetworkManager: <info>  VPN Activation (Westbrook)
> > Stage 3 of 4 (Connect) scheduled... 
> > Jun 25 11:25:40 briere NetworkManager: <info>  VPN Activation (Westbrook)
> > Stage 3 of 4 (Connect) sending connect request. 
> > Jun 25 11:25:40 briere NetworkManager: <info>  VPN Activation (Westbrook)
> > Stage 3 of 4 (Connect) request sent, waiting for reply... 
> > Jun 25 11:25:40 briere NetworkManager: <info>  VPN service
> > 'org.freedesktop.NetworkManager.openvpn' signaled state change 6 -> 3. 
> > Jun 25 11:25:40 briere NetworkManager: <info>  VPN Activation (Westbrook)
> > Stage 3 of 4 (Connect) reply received. 
> > Jun 25 11:25:40 briere NetworkManager: <info>  VPN Activation (Westbrook)
> > Stage 4 of 4 (IP Config Get) timeout scheduled... 
> > Jun 25 11:25:40 briere NetworkManager: <info>  VPN Activation (Westbrook)
> > Stage 3 of 4 (Connect) complete, waiting for IP configuration... 
> > Jun 25 11:25:40 briere nm-openvpn[13742]: OpenVPN 2.1_rc7
> > i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] built on Jun 11 2008
> > Jun 25 11:25:40 briere nm-openvpn[13742]: /usr/bin/openssl-vulnkey -q -b
> > 1024 -m <modulus omitted>
> > Jun 25 11:25:40 briere nm-openvpn[13742]: LZO compression initialized
> > Jun 25 11:25:41 briere nm-openvpn[13742]: UDPv4 link local: [undef]
> > Jun 25 11:25:41 briere nm-openvpn[13742]: UDPv4 link remote:
> > ip.removed:1194
> > Jun 25 11:25:46 briere nm-openvpn[13742]: [server] Peer Connection
> > Initiated with ip.removed:1194
> > Jun 25 11:25:47 briere nm-openvpn[13742]: TUN/TAP device tap1 opened
> > Jun 25 11:25:47 briere nm-openvpn[13742]:
> > /usr/lib/network-manager-openvpn/nm-openvpn-service-openvpn-helper tap1
> > 1500 1574   init
> > Jun 25 11:25:47 briere nm-openvpn-service-openvpn-helper: <WARNING>^I main
> > (): nm-openvpn-service-openvpn-helper didn't receive an Internal IP4
> > Address from openvpn. 
> > Jun 25 11:25:47 briere NetworkManager: <WARN> 
> > nm_vpn_service_process_signal(): VPN failed for service
> > 'org.freedesktop.NetworkManager.openvpn', signal 'IPConfigBad', with
> > message 'The VPN login failed because the VPN program received an invalid
> > configuration from the VPN server.'. 
> > Jun 25 11:25:47 briere NetworkManager: <info>  VPN service
> > 'org.freedesktop.NetworkManager.openvpn' signaled state change 3 -> 5. 
> > Jun 25 11:25:47 briere NetworkManager: <info>  VPN service
> > 'org.freedesktop.NetworkManager.openvpn' signaled state change 5 -> 6. 
> > Jun 25 11:25:47 briere NetworkManager: <WARN> 
> > nm_vpn_service_stop_connection(): (VPN Service
> > org.freedesktop.NetworkManager.openvpn): could not stop connection
> > 'Westbrook' because service was 6. 
> > Jun 25 11:25:47 briere nm-openvpn[13742]: script failed: shell command
> > exited with error status: 1
> > Jun 25 11:25:47 briere nm-openvpn[13742]: Exiting
> > Jun 25 11:25:47 briere NetworkManager: <debug> [1214407547.840381]
> > nm_dbus_signal_filter(): NetworkManagerInfo triggered update of VPN
> > connection 'Westbrook' 
> >
References:
- Re: OpenVPN Client on Ubuntu
  - From: sdevine
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]