help
- From: julien <julien briche robopec com>
- To: networkmanager-list gnome org
- Subject: help
- Date: Thu, 03 Nov 2011 16:46:46 +0100
unsuscribe
end
Le 03/11/2011 16:22, networkmanager-list-request gnome org a écrit :
Send networkmanager-list mailing list submissions to
networkmanager-list gnome org
To subscribe or unsubscribe via the World Wide Web, visit
http://mail.gnome.org/mailman/listinfo/networkmanager-list
or, via email, send a message with subject or body 'help' to
networkmanager-list-request gnome org
You can reach the person managing the list at
networkmanager-list-owner gnome org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of networkmanager-list digest..."
Today's Topics:
1. Re: OpenVpn plugin NeedSecret (Francesco Andrisani)
----------------------------------------------------------------------
Message: 1
Date: Thu, 3 Nov 2011 16:21:38 +0100
From: Francesco Andrisani<francesco andrisani acotel com>
To: Dan Williams<dcbw redhat com>
Cc: networkmanager-list gnome org
Subject: Re: OpenVpn plugin NeedSecret
Message-ID:
<CALceD1tO35dNH90baeDLQaYdWPpcjxrPS_032bjGyuzd+wVhsA mail gmail com>
Content-Type: text/plain; charset="windows-1252"
Hi,
then...below my new (NetworkManager-openvpn) confg file and client.conf
(openvpn) config file:
debian# cat /etc/NetworkManager/system-connections/VPNconnection
[connection]
id=VPNconnection
uuid=355653c0-34d3-4777-ad25-f9a498b7ef8e
type=vpn
autoconnect=FALSE
[ipv4]
method=auto
[vpn]
name=openvpn
service-type=org.freedesktop.NetworkManager.openvpn
remote=openvpn.xxx.xxxxx.it
proto-udp=yes
reneg-seconds=0
port=1194
ca=/etc/openvpn/certs/cacert.crt
cert=/etc/openvpn/certs/xxxxxxxx-vpn.pem
key=/etc/openvpn/certs/xxxxxxxxx-vpn-key.pem
[ipv6]
method=ignore
debian# cat /etc/openvpn/client.conf
client
dev tun
proto udp
# This is the remote ip address and port of the VPN Server
remote openvpn.xxx.xxxxxx.it
resolv-retry infinite
ping 10
ping-restart 60
nobind
persist-key
persist-tun
ca certs/cacert.crt
cert certs/xxxxxxxx-vpn.pem
key certs/xxxxxxxxxx-vpn-key.pem
verb 3
comp-lzo
explicit-exit-notify 2
log-append /var/log/openvpn.log
Now...after your changes, if i try to start vpn from NetworkManager i can
see these logs:
Nov 3 16:26:54 debian NetworkManager[2899]:<info> Starting VPN service
'openvpn'...
Nov 3 16:26:54 debian NetworkManager[2899]:<info> VPN service 'openvpn'
started (org.freedesktop.NetworkManager.openvpn), PID 3296
Nov 3 16:26:54 debian NetworkManager[2899]:<info> VPN service 'openvpn'
appeared; activating connections
Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.716383]
[nm-vpn-connection.c:902] get_secrets():
(355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) requesting VPN secrets
pass #1
Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.716961]
[nm-agent-manager.c:1100] nm_agent_manager_get_secrets(): Secrets requested
for connection /org/freedesktop/NetworkManager/Settings/5 (vpn)
Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.717110]
[nm-settings-connection.c:850] nm_settings_connection_get_secrets():
(355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:3) secrets requested flags
0x80000000 hint '(null)'
Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.720913]
[nm-agent-manager.c:1015] get_start(): (0xfcba0/vpn) system settings
secrets sufficient
Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.721055]
[nm-settings-connection.c:706] agent_secrets_done_cb():
(355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:3) existing secrets returned
Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.721154]
[nm-settings-connection.c:712] agent_secrets_done_cb():
(355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:3) secrets request completed
Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.733265]
[nm-settings-connection.c:751] agent_secrets_done_cb():
(355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:3) new agent secrets processed
Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.733906]
[nm-vpn-connection.c:870] get_secrets_cb():
(355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) asking service if
additional secrets are required
Nov 3 16:26:54 debian NetworkManager[2899]:<info> VPN plugin state
changed: 1
Nov 3 16:26:54 debian NetworkManager[2899]:<info> Policy set
'MyConnection' (eth0) as default for IPv4 routing and DNS.
Nov 3 16:27:00 debian NetworkManager[2899]:<info> VPN service 'openvpn'
disappeared
Nov 3 16:27:02 debian NetworkManager[2899]:<debug> [1320337622.2972]
[nm-vpn-service.c:267] ensure_killed(): waiting for VPN service pid 3296 to
exit
Nov 3 16:27:02 debian NetworkManager[2899]:<debug> [1320337622.3592]
[nm-vpn-service.c:269] ensure_killed(): VPN service pid 3296 cleaned up
Thanks and Regards
On Thu, Nov 3, 2011 at 4:03 PM, Francesco Andrisani<
francesco andrisani acotel com> wrote:
Thanks a lot. But i'm not able to know all parameter to intert into my
/etc/NetworkManager/system-connections/VPNconnection.
For example keyfile, certficate, ecc
Please can you tell me how to find these informations (all parameters)?
Thanks and regards
On Thu, Nov 3, 2011 at 3:51 PM, Dan Williams<dcbw redhat com> wrote:
On Thu, 2011-11-03 at 10:26 +0100, Francesco Andrisani wrote:
Anothe DEBUG info:
debian:/etc/NetworkManager# /usr/libexec/nm-openvpn-service --debug
** Message: nm-openvpn-service (version 0.9.0) starting...
** Message: real_need_secrets: connection
-------------------------------------
connection
name : "connection"
id : "VPNconnection" (s)
uuid : "355653c0-34d3-4777-ad25-f9a498b7ef8e" (s)
type : "vpn" (s)
permissions : [] (sd)
autoconnect : FALSE (s)
timestamp : 0 (sd)
read-only : FALSE (sd)
ipv4
name : "ipv4"
method : "auto" (s)
dns : [] (s)
dns-search : [] (sd)
addresses : [] (s)
routes : [] (s)
ignore-auto-routes : FALSE (sd)
ignore-auto-dns : FALSE (sd)
dhcp-client-id : NULL (sd)
dhcp-send-hostname : TRUE (sd)
dhcp-hostname : NULL (sd)
never-default : FALSE (sd)
may-fail : FALSE (sd)
ipv6
name : "ipv6"
method : "ignore" (s)
dns : [] (s)
dns-search : [] (sd)
addresses : [] (s)
routes : [] (s)
ignore-auto-routes : FALSE (sd)
ignore-auto-dns : FALSE (sd)
never-default : FALSE (sd)
may-fail : TRUE (sd)
vpn
name : "vpn"
service-type : "org.freedesktop.NetworkManager.openvpn" (s)
user-name : NULL (sd)
data : [ { 'name': openvpn }, ] (s)
secrets : [ ] (s)
So here's the problem; the [vpn] setting isn't completely specified.
Did you import this connection from an openvpn config file? Unless this
was changed at some point (or there's a bug in the editor) this
connection was never valid since it doesn't have the required connection
type field and a few other things. Here's what it *should* look like:
[vpn]
service-type=org.freedesktop.NetworkManager.openvpn
connection-type=password
password-flags=3
remote=ovpn.mycompany.com
cipher=AES-256-CBC
proto-tcp=yes
reneg-seconds=0
port=443
username=dcbw
ca=/home/dcbw/MyCA.pem
or something along those lines. If you imported it from a config file,
can you try doing that again? If it still looks like this, can you send
me the config file so I can see what's going wrong?
Dan
Regards
On Thu, Nov 3, 2011 at 10:12 AM, Francesco Andrisani
<francesco andrisani acotel com> wrote:
OK.
So i've installed openvpn client on my workstation with
certificate authentication and...it work fine.
About NetworkManager-openvpn i've installed (from sources)
0.9.0 version, the same of NetworkManager (it also installed
from sources).
A clarification...i use the system without X server (no gnome,
no kde).
Below my NetworkManager and NetworkManager-openvpn
configuration files.
debian:/etc/NetworkManager# cat
system-connections/VPNconnection
[connection]
id=VPNconnection
uuid=355653c0-34d3-4777-ad25-f9a498b7ef8e
type=vpn
autoconnect=FALSE
[ipv4]
method=auto
[vpn]
name=openvpn
service-type=org.freedesktop.NetworkManager.openvpn
[ipv6]
method=ignore
I've no secrets specified here, Is it correct? I've no
password for start opevpn client manually. Only certificate
authentication.
debian:/etc/NetworkManager# cat VPN/nm-openvpn-service.name
[VPN Connection]
name=openvpn
service=org.freedesktop.NetworkManager.openvpn
program=/usr/libexec/nm-openvpn-service
Regards
On Thu, Nov 3, 2011 at 2:25 AM, Dan Williams<dcbw redhat com>
wrote:
On Wed, 2011-11-02 at 10:21 +0100, Francesco Andrisani
wrote:
> (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection)
plugin
> NeedSecrets
> request #1 failed: dbus-glib-error-quark Invalid
connection type.
This part is the problem. Any chance you could paste
in your vpn
connection file
from /etc/NetworkManager/system-connections for us to
look at? Remove any passwords and XXXX out any
sensitive information
before doing so.
Any idea what version of NetworkManager-openvpn you've
got installed?
Dan
--
____________________________________________________
Francesco Andrisani
mailto:francesco andrisani acotel com
Acotel Spa
http://www.acotel.com
Via della Valle dei Fontanili, 29
00168 Roma
Tel +390661141200
Fax +39066149936
____________________________________________________
Le informazioni contenute nella comunicazione che precede
possono essere riservate e sono, comunque, destinate
esclusivamente alla persona o all?ente sopraindicati. La
diffusione, distribuzione e/o copiatura non autorizzata del
documento trasmesso da parte di qualsiasi soggetto ? proibita.
La sicurezza e la correttezza dei messaggi di posta
elettronica non possono essere garantite. Se avete ricevuto
questo messaggio per errore, Vi preghiamo di contattarci
immediatamente. Grazie.
This message is for the named person's use only. It may
contain confidential, proprietary or legally privileged
information. No confidentiality or privilege is waived or lost
by any transmission. If you receive this message in error,
please immediately delete it and all copies of it from your
system, destroy any hard copies of it and notify the sender.
You must not, directly or indirectly, use, disclose,
distribute, print, or copy any part of this message if you are
not the intended recipient. Thanks
--
____________________________________________________
Francesco Andrisani
mailto:francesco andrisani acotel com
Acotel Spa
http://www.acotel.com
Via della Valle dei Fontanili, 29
00168 Roma
Tel +390661141200
Fax +39066149936
____________________________________________________
Le informazioni contenute nella comunicazione che precede possono
essere riservate e sono, comunque, destinate esclusivamente alla
persona o all?ente sopraindicati. La diffusione, distribuzione e/o
copiatura non autorizzata del documento trasmesso da parte di
qualsiasi soggetto ? proibita. La sicurezza e la correttezza dei
messaggi di posta elettronica non possono essere garantite. Se avete
ricevuto questo messaggio per errore, Vi preghiamo di contattarci
immediatamente. Grazie.
This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any transmission. If
you receive this message in error, please immediately delete it and
all copies of it from your system, destroy any hard copies of it and
notify the sender. You must not, directly or indirectly, use,
disclose, distribute, print, or copy any part of this message if you
are not the intended recipient. Thanks
--
____________________________________________________
*Francesco Andrisani*
mailto:francesco andrisani acotel com
*Acotel Spa*
http://www.acotel.com
Via della Valle dei Fontanili, 29
00168 Roma
Tel +390661141200
Fax +39066149936
____________________________________________________
Le informazioni contenute nella comunicazione che precede possono essere
riservate e sono, comunque, destinate esclusivamente alla persona o
all?ente sopraindicati. La diffusione, distribuzione e/o copiatura non
autorizzata del documento trasmesso da parte di qualsiasi soggetto ?
proibita. La sicurezza e la correttezza dei messaggi di posta elettronica
non possono essere garantite. Se avete ricevuto questo messaggio per
errore, Vi preghiamo di contattarci immediatamente. Grazie.
This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any transmission. If you
receive this message in error, please immediately delete it and all copies
of it from your system, destroy any hard copies of it and notify the
sender. You must not, directly or indirectly, use, disclose, distribute,
print, or copy any part of this message if you are not the intended
recipient. Thanks
--
Julien Briche
Ingénieur de Recherche
ROBOPEC
183 Chemin des Négadoux
83130 Six-Fours les Plages
Tél: 0667093015
http://www.robopec.com
http://www.reeti.fr
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
