Re: help
- From: Dan Williams <dcbw redhat com>
- To: julien <julien briche robopec com>
- Cc: networkmanager-list gnome org
- Subject: Re: help
- Date: Thu, 03 Nov 2011 11:13:09 -0500
On Thu, 2011-11-03 at 16:46 +0100, julien wrote:
> unsuscribe
> end
You can do this by visiting:
http://mail.gnome.org/mailman/listinfo/networkmanager-list
and unsubscribing yourself on that page.
Dan
>
> Le 03/11/2011 16:22, networkmanager-list-request gnome org a écrit :
> > Send networkmanager-list mailing list submissions to
> > networkmanager-list gnome org
> >
> > To subscribe or unsubscribe via the World Wide Web, visit
> > http://mail.gnome.org/mailman/listinfo/networkmanager-list
> > or, via email, send a message with subject or body 'help' to
> > networkmanager-list-request gnome org
> >
> > You can reach the person managing the list at
> > networkmanager-list-owner gnome org
> >
> > When replying, please edit your Subject line so it is more specific
> > than "Re: Contents of networkmanager-list digest..."
> >
> >
> > Today's Topics:
> >
> > 1. Re: OpenVpn plugin NeedSecret (Francesco Andrisani)
> >
> >
> > ----------------------------------------------------------------------
> >
> > Message: 1
> > Date: Thu, 3 Nov 2011 16:21:38 +0100
> > From: Francesco Andrisani<francesco andrisani acotel com>
> > To: Dan Williams<dcbw redhat com>
> > Cc: networkmanager-list gnome org
> > Subject: Re: OpenVpn plugin NeedSecret
> > Message-ID:
> > <CALceD1tO35dNH90baeDLQaYdWPpcjxrPS_032bjGyuzd+wVhsA mail gmail com>
> > Content-Type: text/plain; charset="windows-1252"
> >
> > Hi,
> > then...below my new (NetworkManager-openvpn) confg file and client.conf
> > (openvpn) config file:
> >
> > debian# cat /etc/NetworkManager/system-connections/VPNconnection
> > [connection]
> > id=VPNconnection
> > uuid=355653c0-34d3-4777-ad25-f9a498b7ef8e
> > type=vpn
> > autoconnect=FALSE
> >
> > [ipv4]
> > method=auto
> >
> > [vpn]
> > name=openvpn
> > service-type=org.freedesktop.NetworkManager.openvpn
> > remote=openvpn.xxx.xxxxx.it
> > proto-udp=yes
> > reneg-seconds=0
> > port=1194
> > ca=/etc/openvpn/certs/cacert.crt
> > cert=/etc/openvpn/certs/xxxxxxxx-vpn.pem
> > key=/etc/openvpn/certs/xxxxxxxxx-vpn-key.pem
> >
> > [ipv6]
> > method=ignore
> >
> > debian# cat /etc/openvpn/client.conf
> > client
> > dev tun
> > proto udp
> > # This is the remote ip address and port of the VPN Server
> > remote openvpn.xxx.xxxxxx.it
> > resolv-retry infinite
> > ping 10
> > ping-restart 60
> > nobind
> > persist-key
> > persist-tun
> > ca certs/cacert.crt
> > cert certs/xxxxxxxx-vpn.pem
> > key certs/xxxxxxxxxx-vpn-key.pem
> > verb 3
> > comp-lzo
> > explicit-exit-notify 2
> > log-append /var/log/openvpn.log
> >
> > Now...after your changes, if i try to start vpn from NetworkManager i can
> > see these logs:
> >
> > Nov 3 16:26:54 debian NetworkManager[2899]:<info> Starting VPN service
> > 'openvpn'...
> > Nov 3 16:26:54 debian NetworkManager[2899]:<info> VPN service 'openvpn'
> > started (org.freedesktop.NetworkManager.openvpn), PID 3296
> > Nov 3 16:26:54 debian NetworkManager[2899]:<info> VPN service 'openvpn'
> > appeared; activating connections
> > Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.716383]
> > [nm-vpn-connection.c:902] get_secrets():
> > (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) requesting VPN secrets
> > pass #1
> > Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.716961]
> > [nm-agent-manager.c:1100] nm_agent_manager_get_secrets(): Secrets requested
> > for connection /org/freedesktop/NetworkManager/Settings/5 (vpn)
> > Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.717110]
> > [nm-settings-connection.c:850] nm_settings_connection_get_secrets():
> > (355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:3) secrets requested flags
> > 0x80000000 hint '(null)'
> > Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.720913]
> > [nm-agent-manager.c:1015] get_start(): (0xfcba0/vpn) system settings
> > secrets sufficient
> > Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.721055]
> > [nm-settings-connection.c:706] agent_secrets_done_cb():
> > (355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:3) existing secrets returned
> > Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.721154]
> > [nm-settings-connection.c:712] agent_secrets_done_cb():
> > (355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:3) secrets request completed
> > Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.733265]
> > [nm-settings-connection.c:751] agent_secrets_done_cb():
> > (355653c0-34d3-4777-ad25-f9a498b7ef8e/vpn:3) new agent secrets processed
> > Nov 3 16:26:54 debian NetworkManager[2899]:<debug> [1320337614.733906]
> > [nm-vpn-connection.c:870] get_secrets_cb():
> > (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection) asking service if
> > additional secrets are required
> > Nov 3 16:26:54 debian NetworkManager[2899]:<info> VPN plugin state
> > changed: 1
> > Nov 3 16:26:54 debian NetworkManager[2899]:<info> Policy set
> > 'MyConnection' (eth0) as default for IPv4 routing and DNS.
> > Nov 3 16:27:00 debian NetworkManager[2899]:<info> VPN service 'openvpn'
> > disappeared
> > Nov 3 16:27:02 debian NetworkManager[2899]:<debug> [1320337622.2972]
> > [nm-vpn-service.c:267] ensure_killed(): waiting for VPN service pid 3296 to
> > exit
> > Nov 3 16:27:02 debian NetworkManager[2899]:<debug> [1320337622.3592]
> > [nm-vpn-service.c:269] ensure_killed(): VPN service pid 3296 cleaned up
> >
> > Thanks and Regards
> >
> > On Thu, Nov 3, 2011 at 4:03 PM, Francesco Andrisani<
> > francesco andrisani acotel com> wrote:
> >
> >> Thanks a lot. But i'm not able to know all parameter to intert into my
> >> /etc/NetworkManager/system-connections/VPNconnection.
> >>
> >> For example keyfile, certficate, ecc
> >>
> >> Please can you tell me how to find these informations (all parameters)?
> >>
> >> Thanks and regards
> >>
> >>
> >> On Thu, Nov 3, 2011 at 3:51 PM, Dan Williams<dcbw redhat com> wrote:
> >>
> >>> On Thu, 2011-11-03 at 10:26 +0100, Francesco Andrisani wrote:
> >>>> Anothe DEBUG info:
> >>>>
> >>>> debian:/etc/NetworkManager# /usr/libexec/nm-openvpn-service --debug
> >>>> ** Message: nm-openvpn-service (version 0.9.0) starting...
> >>>> ** Message: real_need_secrets: connection
> >>>> -------------------------------------
> >>>> connection
> >>>> name : "connection"
> >>>> id : "VPNconnection" (s)
> >>>> uuid : "355653c0-34d3-4777-ad25-f9a498b7ef8e" (s)
> >>>> type : "vpn" (s)
> >>>> permissions : [] (sd)
> >>>> autoconnect : FALSE (s)
> >>>> timestamp : 0 (sd)
> >>>> read-only : FALSE (sd)
> >>>>
> >>>>
> >>>> ipv4
> >>>> name : "ipv4"
> >>>> method : "auto" (s)
> >>>> dns : [] (s)
> >>>> dns-search : [] (sd)
> >>>> addresses : [] (s)
> >>>> routes : [] (s)
> >>>> ignore-auto-routes : FALSE (sd)
> >>>> ignore-auto-dns : FALSE (sd)
> >>>> dhcp-client-id : NULL (sd)
> >>>> dhcp-send-hostname : TRUE (sd)
> >>>> dhcp-hostname : NULL (sd)
> >>>> never-default : FALSE (sd)
> >>>> may-fail : FALSE (sd)
> >>>>
> >>>>
> >>>> ipv6
> >>>> name : "ipv6"
> >>>> method : "ignore" (s)
> >>>> dns : [] (s)
> >>>> dns-search : [] (sd)
> >>>> addresses : [] (s)
> >>>> routes : [] (s)
> >>>> ignore-auto-routes : FALSE (sd)
> >>>> ignore-auto-dns : FALSE (sd)
> >>>> never-default : FALSE (sd)
> >>>> may-fail : TRUE (sd)
> >>>>
> >>>>
> >>>> vpn
> >>>> name : "vpn"
> >>>> service-type : "org.freedesktop.NetworkManager.openvpn" (s)
> >>>> user-name : NULL (sd)
> >>>> data : [ { 'name': openvpn }, ] (s)
> >>>> secrets : [ ] (s)
> >>> So here's the problem; the [vpn] setting isn't completely specified.
> >>> Did you import this connection from an openvpn config file? Unless this
> >>> was changed at some point (or there's a bug in the editor) this
> >>> connection was never valid since it doesn't have the required connection
> >>> type field and a few other things. Here's what it *should* look like:
> >>>
> >>> [vpn]
> >>> service-type=org.freedesktop.NetworkManager.openvpn
> >>> connection-type=password
> >>> password-flags=3
> >>> remote=ovpn.mycompany.com
> >>> cipher=AES-256-CBC
> >>> proto-tcp=yes
> >>> reneg-seconds=0
> >>> port=443
> >>> username=dcbw
> >>> ca=/home/dcbw/MyCA.pem
> >>>
> >>> or something along those lines. If you imported it from a config file,
> >>> can you try doing that again? If it still looks like this, can you send
> >>> me the config file so I can see what's going wrong?
> >>>
> >>> Dan
> >>>
> >>>> Regards
> >>>>
> >>>>
> >>>> On Thu, Nov 3, 2011 at 10:12 AM, Francesco Andrisani
> >>>> <francesco andrisani acotel com> wrote:
> >>>> OK.
> >>>>
> >>>> So i've installed openvpn client on my workstation with
> >>>> certificate authentication and...it work fine.
> >>>> About NetworkManager-openvpn i've installed (from sources)
> >>>> 0.9.0 version, the same of NetworkManager (it also installed
> >>>> from sources).
> >>>>
> >>>> A clarification...i use the system without X server (no gnome,
> >>>> no kde).
> >>>> Below my NetworkManager and NetworkManager-openvpn
> >>>> configuration files.
> >>>>
> >>>> debian:/etc/NetworkManager# cat
> >>>> system-connections/VPNconnection
> >>>> [connection]
> >>>> id=VPNconnection
> >>>> uuid=355653c0-34d3-4777-ad25-f9a498b7ef8e
> >>>> type=vpn
> >>>> autoconnect=FALSE
> >>>>
> >>>> [ipv4]
> >>>> method=auto
> >>>>
> >>>> [vpn]
> >>>> name=openvpn
> >>>> service-type=org.freedesktop.NetworkManager.openvpn
> >>>>
> >>>> [ipv6]
> >>>> method=ignore
> >>>>
> >>>> I've no secrets specified here, Is it correct? I've no
> >>>> password for start opevpn client manually. Only certificate
> >>>> authentication.
> >>>>
> >>>> debian:/etc/NetworkManager# cat VPN/nm-openvpn-service.name
> >>>> [VPN Connection]
> >>>> name=openvpn
> >>>> service=org.freedesktop.NetworkManager.openvpn
> >>>> program=/usr/libexec/nm-openvpn-service
> >>>>
> >>>> Regards
> >>>>
> >>>>
> >>>>
> >>>> On Thu, Nov 3, 2011 at 2:25 AM, Dan Williams<dcbw redhat com>
> >>>> wrote:
> >>>> On Wed, 2011-11-02 at 10:21 +0100, Francesco Andrisani
> >>>> wrote:
> >>>> > (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection)
> >>>> plugin
> >>>> > NeedSecrets
> >>>> > request #1 failed: dbus-glib-error-quark Invalid
> >>>> connection type.
> >>>>
> >>>>
> >>>> This part is the problem. Any chance you could paste
> >>>> in your vpn
> >>>> connection file
> >>>> from /etc/NetworkManager/system-connections for us to
> >>>> look at? Remove any passwords and XXXX out any
> >>>> sensitive information
> >>>> before doing so.
> >>>>
> >>>> Any idea what version of NetworkManager-openvpn you've
> >>>> got installed?
> >>>>
> >>>> Dan
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> --
> >>>> ____________________________________________________
> >>>> Francesco Andrisani
> >>>> mailto:francesco andrisani acotel com
> >>>> Acotel Spa
> >>>> http://www.acotel.com
> >>>> Via della Valle dei Fontanili, 29
> >>>> 00168 Roma
> >>>> Tel +390661141200
> >>>> Fax +39066149936
> >>>> ____________________________________________________
> >>>>
> >>>>
> >>>> Le informazioni contenute nella comunicazione che precede
> >>>> possono essere riservate e sono, comunque, destinate
> >>>> esclusivamente alla persona o all?ente sopraindicati. La
> >>>> diffusione, distribuzione e/o copiatura non autorizzata del
> >>>> documento trasmesso da parte di qualsiasi soggetto ? proibita.
> >>>> La sicurezza e la correttezza dei messaggi di posta
> >>>> elettronica non possono essere garantite. Se avete ricevuto
> >>>> questo messaggio per errore, Vi preghiamo di contattarci
> >>>> immediatamente. Grazie.
> >>>>
> >>>> This message is for the named person's use only. It may
> >>>> contain confidential, proprietary or legally privileged
> >>>> information. No confidentiality or privilege is waived or lost
> >>>> by any transmission. If you receive this message in error,
> >>>> please immediately delete it and all copies of it from your
> >>>> system, destroy any hard copies of it and notify the sender.
> >>>> You must not, directly or indirectly, use, disclose,
> >>>> distribute, print, or copy any part of this message if you are
> >>>> not the intended recipient. Thanks
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> --
> >>>> ____________________________________________________
> >>>> Francesco Andrisani
> >>>> mailto:francesco andrisani acotel com
> >>>> Acotel Spa
> >>>> http://www.acotel.com
> >>>> Via della Valle dei Fontanili, 29
> >>>> 00168 Roma
> >>>> Tel +390661141200
> >>>> Fax +39066149936
> >>>> ____________________________________________________
> >>>>
> >>>>
> >>>> Le informazioni contenute nella comunicazione che precede possono
> >>>> essere riservate e sono, comunque, destinate esclusivamente alla
> >>>> persona o all?ente sopraindicati. La diffusione, distribuzione e/o
> >>>> copiatura non autorizzata del documento trasmesso da parte di
> >>>> qualsiasi soggetto ? proibita. La sicurezza e la correttezza dei
> >>>> messaggi di posta elettronica non possono essere garantite. Se avete
> >>>> ricevuto questo messaggio per errore, Vi preghiamo di contattarci
> >>>> immediatamente. Grazie.
> >>>>
> >>>> This message is for the named person's use only. It may contain
> >>>> confidential, proprietary or legally privileged information. No
> >>>> confidentiality or privilege is waived or lost by any transmission. If
> >>>> you receive this message in error, please immediately delete it and
> >>>> all copies of it from your system, destroy any hard copies of it and
> >>>> notify the sender. You must not, directly or indirectly, use,
> >>>> disclose, distribute, print, or copy any part of this message if you
> >>>> are not the intended recipient. Thanks
> >>>>
> >>>>
> >>>
> >>>
> >>
> >> --
> >> ____________________________________________________
> >> *Francesco Andrisani*
> >> mailto:francesco andrisani acotel com
> >> *Acotel Spa*
> >> http://www.acotel.com
> >> Via della Valle dei Fontanili, 29
> >> 00168 Roma
> >> Tel +390661141200
> >> Fax +39066149936
> >> ____________________________________________________
> >>
> >> Le informazioni contenute nella comunicazione che precede possono essere
> >> riservate e sono, comunque, destinate esclusivamente alla persona o
> >> all?ente sopraindicati. La diffusione, distribuzione e/o copiatura non
> >> autorizzata del documento trasmesso da parte di qualsiasi soggetto ?
> >> proibita. La sicurezza e la correttezza dei messaggi di posta elettronica
> >> non possono essere garantite. Se avete ricevuto questo messaggio per
> >> errore, Vi preghiamo di contattarci immediatamente. Grazie.
> >>
> >> This message is for the named person's use only. It may contain
> >> confidential, proprietary or legally privileged information. No
> >> confidentiality or privilege is waived or lost by any transmission. If you
> >> receive this message in error, please immediately delete it and all copies
> >> of it from your system, destroy any hard copies of it and notify the
> >> sender. You must not, directly or indirectly, use, disclose, distribute,
> >> print, or copy any part of this message if you are not the intended
> >> recipient. Thanks
> >>
> >>
> >
>
>
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]