Bug 787419

Summary: vpnc Connection Fails from NetworkManager
Product: [Fedora] Fedora Reporter: mrippa
Component: NetworkManager-vpncAssignee: Dan Williams <dcbw>
Status: CLOSED WONTFIX QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: unspecified    
Version: 16CC: atomlin, dcbw, jklimes
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-02-13 13:52:35 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description mrippa 2012-02-05 00:20:03 UTC 
Description of problem:
VPN Connection from Network Manager Fails, although vpnc from command line works correctly

Version-Release number of selected component (if applicable):


How reproducible:
Every time

Steps to Reproduce:
1. Connect to internet with Network Manager
2. Configure VPN for Cisco IPsec, providing credentials
3. Initiate VPN connection

  
Actual results:
 NetworkManager[871]: /usr/sbin/vpnc: no response from target


Expected results:

VPN client connects to server

Additional info:

Feb  4 14:01:52 jute NetworkManager[871]: NetworkManager[871]: <info> VPN connection 'New VPN Connection' (Connect) reply received.
Feb  4 14:01:52 jute NetworkManager[871]: <info> VPN connection 'New VPN Connection' (Connect) reply received.
Feb  4 14:02:07 jute NetworkManager[871]: /usr/sbin/vpnc: no response from target
Feb  4 14:02:07 jute kernel: [81751.114494] libfcoe_device_notification: NETDEV_UNREGISTER tun1
Feb  4 14:02:07 jute avahi-daemon[866]: Withdrawing workstation service for tun1.
Feb  4 14:02:07 jute lldpad[973]: netlink: 20 bytes leftover after parsing attributes.
Feb  4 14:02:07 jute NetworkManager[871]: ** (nm-vpnc-service:17831): WARNING **: vpnc exited with error code 1
Feb  4 14:02:07 jute NetworkManager[871]: <warn> VPN plugin failed: 1
Feb  4 14:02:07 jute NetworkManager[871]: NetworkManager[871]: <warn> VPN plugin failed: 1
Feb  4 14:02:07 jute NetworkManager[871]: <info> VPN plugin state changed: stopped (6)
Feb  4 14:02:07 jute NetworkManager[871]: NetworkManager[871]: <info> VPN plugin state changed: stopped (6)
Feb  4 14:02:07 jute NetworkManager[871]: <info> VPN plugin state change reason: 0
Feb  4 14:02:07 jute NetworkManager[871]: NetworkManager[871]: <info> VPN plugin state change reason: 0
Feb  4 14:02:07 jute NetworkManager[871]: <warn> error disconnecting VPN: Could not process the request because no VPN connection was active.
Feb  4 14:02:07 jute NetworkManager[871]: NetworkManager[871]: <warn> error disconnecting VPN: Could not process the request because no VPN connection was active.
Feb  4 14:02:07 jute NetworkManager[871]: <info> Policy set 'Wired connection 1' (em1) as default for IPv4 routing and DNS.
Feb  4 14:02:07 jute NetworkManager[871]: NetworkManager[871]: <info> Policy set 'Wired connection 1' (em1) as default for IPv4 routing and DNS.
Comment 1 mrippa 2012-02-05 00:24:33 UTC 
Further information:

# yum list NetworkManager\*
Loaded plugins: langpacks, presto, refresh-packagekit
Installed Packages
NetworkManager.x86_64                          1:0.9.2-1.fc16               @updates                    
NetworkManager-glib.x86_64                     1:0.9.2-1.fc16               @updates                    
NetworkManager-openvpn.x86_64                  1:0.9.0-1.fc16               @koji-override-0/$releasever
NetworkManager-pptp.x86_64                     1:0.9.0-1.fc16               @koji-override-0/$releasever
NetworkManager-vpnc.x86_64                     1:0.9.0-1.fc16               @koji-override-0/$releasever


# yum list vpnc\*
Loaded plugins: langpacks, presto, refresh-packagekit
Installed Packages
vpnc.x86_64                            0.5.3-13.svn457.fc16                 @koji-override-0/$releasever
vpnc-script.noarch                     0.5.3-13.svn457.fc16                 @koji-override-0/$releasever
Comment 2 Dan Williams 2012-03-13 20:13:17 UTC 
You can get more info from NM's vpnc plugin if you do the following in a terminal as root:

1) killall -TERM nm-vpnc-service
2) /usr/libexec/nm-vpnc-service --debug --persist
3) activate the VPN connection as you normally would

That'll dump a huge amount of debug information which could shed light on the issue.  It might have passwords in it so be careful if you add it as an attachment to this bug report.
Comment 3 Aaron Tomlin 2012-06-27 20:12:42 UTC 
(In reply to comment #2)
> You can get more info from NM's vpnc plugin if you do the following in a
> terminal as root:
> 
> 1) killall -TERM nm-vpnc-service
> 2) /usr/libexec/nm-vpnc-service --debug --persist
> 3) activate the VPN connection as you normally would
> 
> That'll dump a huge amount of debug information which could shed light on
> the issue.  It might have passwords in it so be careful if you add it as an
> attachment to this bug report.

/usr/sbin/vpnc: response was invalid [1]:  (ISAKMP_N_INVALID_EXCHANGE_TYPE)(7)

** (nm-vpnc-service:25224): WARNING **: vpnc exited with error code 1
Comment 4 Jirka Klimes 2012-09-05 08:59:56 UTC 
If there's still an issue with current packages, please provide the log Dan asked for in comment #2.
Comment 5 Fedora End Of Life 2013-01-16 13:11:02 UTC 
This message is a reminder that Fedora 16 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 16. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '16'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 16's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 16 is end of life. If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora, you are encouraged to click on 
"Clone This Bug" and open it against that version of Fedora.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 6 Fedora End Of Life 2013-02-13 13:52:38 UTC 
Fedora 16 changed to end-of-life (EOL) status on 2013-02-12. Fedora 16 is 
no longer maintained, which means that it will not receive any further 
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of 
Fedora please feel free to reopen this bug against that version.

Thank you for reporting this bug and we are sorry it could not be fixed.