Problems with OpenVPN client conf having several remotes
- From: Samuel Le Thiec <sltrash posteo net>
- To: networkmanager-list gnome org
- Subject: Problems with OpenVPN client conf having several remotes
- Date: Mon, 14 Jun 2021 17:52:04 +0000
Hello again:)
I encountered two problems with an openvpn client conf having several remotes.
The first problem occurs when importing a openvpn client config having multiple remotes
mixing udp & tcp and using the "implicit udp syntax":
$ grep ^remote openvpn.conf
ovpn.mydomain.com
ovpn.mydomain.com 53
ovpn.mydomain.com 1194 tcp
When imported in Network Manager, this translates to (in the vpn settings: Identity →
General → Gateway) :
ovpn.mydomain.com, ovpn.mydomain.com:53, ovpn.mydomain.com:1194:tcp
When I try to enable the vpn connection, it goes back to being disabled immediately. Here
is the error message I can see in the journal:
Options error: --explicit-exit-notify can only be used with --proto udp
Now, if I change the gateway vpn setting to:
ovpn.mydomain.com:1194:udp, ovpn.mydomain.com:53:udp, ovpn.mydomain.com:1194:tcp
Then, I can enable the vpn and it looks like it's working...
**BUT**
When I look closer, the fallback/try on the other remotes does not seem to work: on the
journal, I can see the tries on the first remote (IPv6, then IPv4), then I see this log
entry:
Jun 14 19:44:31 nsfw nm-openvpn-serv[333567]: Connect timer expired, disconnecting.
This "fallback mechanism" works fine when invoking openvpn directly. Is there something
else to do to have it working with Network Manager?
Any help greatly appreciated!
Thanks,
samuel
PS: I'm using:
$ NetworkManager --version
1.30.4-1.fc34
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
