Bug 1570457
Summary: | NetworkManager adds parameters breaking connection when editing VPN | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Erik Indresovde <erikindre> |
Component: | NetworkManager-l2tp | Assignee: | Douglas Kosovic <doug> |
Status: | CLOSED NOTABUG | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | unspecified | ||
Version: | 28 | CC: | alexl, bgalvani, code, dcbw, doug, drizt72, fgiudici, john.j5live, lkundrak, mclasen, rhughes, rstrode, sandmann |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2018-06-10 14:38:15 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Erik Indresovde
2018-04-23 00:57:48 UTC
Since the connection is supposed to only have MSCHAP and MSCHAPv2, I'm not sure why these 3 lines make a difference, but as soon as I remove them, the connection works again. Changed component to NetworkManager-l2tp as it is not NetworkManager that is generating the L2TP config file. Extract from pppd man page ( https://ppp.samba.org/pppd.html ) : refuse-chap With this option, pppd will not agree to authenticate itself to the peer using CHAP. refuse-eap With this option, pppd will not agree to authenticate itself to the peer using EAP. refuse-pap With this option, pppd will not agree to authenticate itself to the peer using PAP. Those 3 pppd config lines are generated after CHAP, EAP and PAP are unticked in the NetworkManager-l2tp PPP Options dialog box. I'm not able to reproduce the issue with those 3 lines on Fedora 28 with 3 different L2TP/IPsec VPN servers I just tested against. Is there any useful debugging output in the journalctl output? https://github.com/nm-l2tp/network-manager-l2tp#debugging Forgot to mention. Sometimes MSCHAP and MSCHAPv2 authentication options require the "NT Domain" (i.e. Windows Domain) field to be filled in, while the other auth options don't. So can fail if "NT Domain" is not filled in, but other auth options succeed. |