Re: Headless VPN connections

From: "D.S. Ljungmark" <spider aanstoot se>
To: Dan Williams <dcbw redhat com>
Cc: networkmanager-list gnome org
Subject: Re: Headless VPN connections
Date: Thu, 17 Jul 2014 22:53:12 +0200

Thanks,
  as the machines need "unencrypted" network to re-negotiate keys, I
can't really use the secondaries  features, so instead I just ended up
with a systemd timer unit set to do
nmcli -w 0 c up id vpn  as a oneshot.

On Thu, Jul 17, 2014 at 10:48 PM, Dan Williams <dcbw redhat com> wrote:

On Wed, 2014-07-16 at 10:24 +0200, D.S. Ljungmark wrote:

Thanks, good to know.  The one thing I did struggle with for a while was
permissions on the keyfiles. Now as said, we have a connection defined. It
connects as intended, if ordered manually. But it doesn't auto connect or
reconnect.


VPN autoconnect is not implemented at this time, unless you use the
"secondaries" functionality.  VPN reconnect is also not implemented, but
we hope to make that work better soon.

Dan

/D.S.
On 16 Jul 2014 10:20, "Thomas Haller" <thaller redhat com> wrote:

On Tue, 2014-07-15 at 17:16 +0200, D.S. Ljungmark wrote:

On 15/07/14 15:20, Thomas Haller wrote:

... BUT... for VPN, the settings are opaque to NetworkManager and

passed

on to the VPN plugin. So, to know the meaning of the [vpn] settings,

you

have to look for their meaning in NetworkManager-openvpn... usually
these parameters correspond to command line options to openvpn. So see
`man openvpn`.


Aye, we have openVpn setup & working. but not integrated with
NetworkManager, what we're hoping is to have NM manage all interfaces
and VPN's and just have stuff "work" without having to manage it via
various cron jobs to automatically restart things just in case.
( seriously, running curl http://vpn.vpn.vpn || service vpn restart  is
-not- optimal. But was what we used to have )



Sidenote: NetworkManager-openvpn plugin does not pass any keys blindly
to openvpn. It only allows those options, that it understands. The
reason is that if the plugin would allow options that it cannot
understand, it would not know what openvpn is doing. Thus, there might
be some options, that are not implemented in the plugin and do not work.

But as you said you got NM connecting, that does not concern you.


Thomas

_______________________________________________
networkmanager-list mailing list
networkmanager-list gnome org
https://mail.gnome.org/mailman/listinfo/networkmanager-list




-- 
8362 CB14 98AD 11EF CEB6  FA81 FCC3 7674 449E 3CFC

References:
- Headless VPN connections
  - From: D.S. Ljungmark
- Re: Headless VPN connections
  - From: Thomas Haller
- Re: Headless VPN connections
  - From: D.S. Ljungmark
- Re: Headless VPN connections
  - From: Thomas Haller
- Re: Headless VPN connections
  - From: D.S. Ljungmark
- Re: Headless VPN connections
  - From: Dan Williams

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]