Re: unable to use openvpn server which uses "push route..."

On 2017-01-24 01:55, Tomasz Chmielewski wrote:
On 2017-01-24 03:05, Thomas Haller wrote:

Please advise how to use NetworkManager for OpenVPN servers which
not default gateways and which push their own routes.

whether the VPN gets the default route, depends on the (inverse)
"ipv4.never-default" setting. See `nmcli connection show "$MY_VPN"`

Why does NM attempt to set a default route for a OpenVPN connection where the OpenVPN server does not 
advertise itself as a default route? It would
almost never work, and sounds like a bug to me.

Anyway, with "Use this connection only for resources on its network" set:

# nmcli connection show $MY_VPN|grep never-default
ipv4.never-default:                     yes
ipv6.never-default:                     no

It no longer sets the connection as a default route.

Try to enable debug-logging of the VPN server:

  sudo nmcli logging general level TRACE domains ALL:VPN_PLUGIN

# nmcli logging general level TRACE domains ALL:VPN_PLUGIN
Error: Object 'logging' is unknown, try 'nmcli help'.
# nmcli general logging level TRACE domains ALL:VPN_PLUGIN
Error: failed to set logging: Unknown log level 'VPN_PLUGIN'

So in the end I came up with this one:

# nmcli general logging level TRACE domains VPN

And it helped me debug this - thanks!

The main problem is that OpenVPN does not export if the route is intended
as a default-route to the --up script, hence NetworkManager can't deduce what it should do.
I submitted a pull request a few months ago, but haven't got any response yet:

/Anders Blomdell
Anders Blomdell                  Email: anders blomdell control lth se
Department of Automatic Control
Lund University                  Phone:    +46 46 222 4625
P.O. Box 118                     Fax:      +46 46 138118
SE-221 00 Lund, Sweden

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]