Bug 1317390 - Using 2 vpn connections simultaneously
Using 2 vpn connections simultaneously
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: NetworkManager-pptp (Show other bugs)
rawhide
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Lubomir Rintel
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2016-03-14 04:07 EDT by Daniel Rindt
Modified: 2016-06-28 13:42 EDT (History)
6 users (show)

See Also:
Fixed In Version: NetworkManager-pptp-1.2.2-1.fc24
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-05-14 19:27:19 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Use a single dbus name for VPN plugin & the pptp helper service (32.26 KB, text/plain)
2016-04-21 06:16 EDT, Lubomir Rintel
no flags Details

  None (edit)
Description Daniel Rindt 2016-03-14 04:07:54 EDT
Description of problem:
I need to use 2 VPN's at same time. I heard thats a tunneled VPN or something similar. The first i connect to have always same credentials, the second one is pin & hardware token based and thus it change every time. Searching the net says i can simple enable in NetworkManagers GUI the VPN's i would like to use but this isn't true for pptp based ones. 

Version-Release number of selected component (if applicable):
NetworkManager-1.2.0-0.6.beta2.fc24.x86_64

How reproducible:
Create 2 VPN connections from type pptp and try to establish the connection in order. The is no connection possible if another VPN connection is established. Error is: "Connection activation failed: The 'pptp' plugin only supports a single active connection."

Steps to Reproduce:
1. Create two pptp VPN's
2. Connect first.
3. Connect second. (Won't work)

Actual results:
Half working VPN situation.

Expected results:
The second VPN connects via the first.

Additional info:
The bug is created based on request of 'lubko'. Thank you for all who help me to clear this situation.
Comment 1 Fedora Update System 2016-04-20 14:34:47 EDT
network-manager-applet-1.2.0-1.rc1.fc24 NetworkManager-libreswan-1.2.0-1.fc24 NetworkManager-fortisslvpn-1.2.0-1.fc24 NetworkManager-openconnect-1.2.0-1.fc24 NetworkManager-pptp-1.2.0-1.fc24 NetworkManager-openvpn-1.2.0-1.fc24 NetworkManager-vpnc-1.2.0-1.fc24 NetworkManager-1.2.0-1.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-7e287fa1e6
Comment 2 Lubomir Rintel 2016-04-21 06:16 EDT
Created attachment 1149420 [details]
Use a single dbus name for VPN plugin & the pptp helper service

Uh, I think this needs more work. Attaching a patch for review.
Comment 3 Fedora Update System 2016-04-21 17:58:28 EDT
NetworkManager-1.2.0-1.fc24, NetworkManager-fortisslvpn-1.2.0-1.fc24, NetworkManager-libreswan-1.2.0-1.fc24, NetworkManager-openconnect-1.2.0-1.fc24, NetworkManager-openvpn-1.2.0-1.fc24, NetworkManager-pptp-1.2.0-1.fc24, NetworkManager-vpnc-1.2.0-1.fc24, network-manager-applet-1.2.0-1.rc1.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-7e287fa1e6
Comment 4 Thomas Haller 2016-04-27 05:53:34 EDT
(In reply to Lubomir Rintel from comment #2)
> Created attachment 1149420 [details]
> Use a single dbus name for VPN plugin & the pptp helper service
> 
> Uh, I think this needs more work. Attaching a patch for review.


Patch lgtm. The following are minor style issues. Fix them if you agree.




+static gboolean
+handle_need_secrets (NMDBusPptpPpp *object,
+              GDBusMethodInvocation *invocation,
+              gpointer user_data)

whitespace.





»···if (priv->saddr) {
»···»···g_free (priv->saddr);
»···»···priv->saddr = NULL;
»···}

To bad, we don't have nm-glib around, like we do on nm-openvpn. g_clear_pointer() would be nice.




nm_pptp_plugin_new() should not contain any additional logic like creating the dbus-skeleton. I would overwrite init_sync() instead.



+    errno = 0;
+    if (inet_ntop (AF_INET, &naddr, buf, sizeof (buf) - 1) == NULL) {
+         g_set_error (error,
+                      NM_VPN_PLUGIN_ERROR,
+                      NM_VPN_PLUGIN_ERROR_LAUNCH_FAILED,
+                      _("no usable addresses returned for PPTP VPN gateway '%s' (%d)"),
+                      src, errno);
+         return FALSE;
+    }

inet_ntop() doesn't fail due to a regular error.
Comment 5 Daniel Rindt 2016-04-28 13:45:32 EDT
How i can test this build? Is it available in the testing repo?
Comment 6 Fedora Update System 2016-05-11 12:03:08 EDT
NetworkManager-1.2.2-1.fc24 NetworkManager-vpnc-1.2.2-1.fc24 NetworkManager-libreswan-1.2.2-1.fc24 NetworkManager-openconnect-1.2.2-1.fc24 NetworkManager-fortisslvpn-1.2.2-1.fc24 NetworkManager-pptp-1.2.2-1.fc24 NetworkManager-openvpn-1.2.2-1.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-73f517cf1a
Comment 7 Fedora Update System 2016-05-12 05:41:00 EDT
NetworkManager-1.2.2-1.fc24, NetworkManager-fortisslvpn-1.2.2-1.fc24, NetworkManager-libreswan-1.2.2-1.fc24, NetworkManager-openconnect-1.2.2-1.fc24, NetworkManager-openvpn-1.2.2-1.fc24, NetworkManager-pptp-1.2.2-1.fc24, NetworkManager-vpnc-1.2.2-1.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-73f517cf1a
Comment 8 Fedora Update System 2016-05-14 19:27:14 EDT
NetworkManager-1.2.2-1.fc24, NetworkManager-fortisslvpn-1.2.2-1.fc24, NetworkManager-libreswan-1.2.2-1.fc24, NetworkManager-openconnect-1.2.2-1.fc24, NetworkManager-openvpn-1.2.2-1.fc24, NetworkManager-pptp-1.2.2-1.fc24, NetworkManager-vpnc-1.2.2-1.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.
Comment 9 Daniel Rindt 2016-05-23 09:04:03 EDT
I've installed and tested nm with my company settings. Company network support sys its connected, and i see that both connections in order and connected, no login issue which show up when i enter my pin wrong. Just to test it. I also can confirm that resolv.conf contains proper dns ip addresses, but i have no packet flow. When i see the statistics from the adapter i would tend to say that all traffic goes to the first connected adapter and not the second one. They are have big differences in RX/TX package count. 
I doesn't find a documentation for this feature, so it's possible i forgot something to configure?
Comment 10 rh 2016-06-21 03:42:01 EDT
Not work for me:

d="0a4517eb-0b61-43c2-b5d1-27536db72d68" name="XXX" pid=8949 uid=1000 result="fail" reason="The 'vpnc' plugin only supports a single active connection."
---

rpm -qa|grep vpn
NetworkManager-openvpn-1.2.2-1.fc24.x86_64
vpnc-script-20140805-4.gitdf5808b.fc24.noarch
NetworkManager-vpnc-1.2.2-1.fc24.x86_64
NetworkManager-openvpn-gnome-1.2.2-1.fc24.x86_64
vpnc-0.5.3-27.svn550.fc24.x86_64
openvpn-2.3.11-1.fc24.x86_64
NetworkManager-vpnc-gnome-1.2.2-1.fc24.x86_64
Comment 11 Thomas Haller 2016-06-21 04:11:53 EDT
(In reply to jrh from comment #10)
> Not work for me:
> 
> NetworkManager-vpnc-1.2.2-1.fc24.x86_64

nm-vpn 1.2.x does not support this yet. Was added for 1.4, not backported as of now:

https://git.gnome.org/browse/network-manager-vpnc/commit/?id=cdad999c132e1e9ef611c255ffd4843e3a3d12c4
Comment 12 rh 2016-06-28 13:42:01 EDT
Sorry, misunderstood the blog update (https://blogs.gnome.org/lkundrak/2016/04/20/networkmanager-1-2-is-here/).
Anyway, seems to work fine:) Thanks a lot!
Hope it will released in version 1.3 if not backported to 1.2.

Note You need to log in before you can comment on or make changes to this bug.