Description of problem: Using the openvpn functionality in NetworkManager fails, but using the openvpn command directly works. Version-Release number of selected component (if applicable): openvpn-2.1.1-2.fc12.x86_64 NetworkManager-openvpn-0.7.996-4.git20090923.fc12.x86_64 NetworkManager-0.7.997-2.git20091214.fc12.x86_64 How reproducible: Every time. Steps to Reproduce: 1. Follow instructions at http://forum.vpsville.ca/index.php?t=msg&th=145&start=0 and import the config file using NetworkManager. Attempt to connect. Fails. 2. Follow the instructions and connect using 'openvpn --config vpsville.ovpn'. Works. Actual results: "VPN connection Failed" notification. /var/log/messages reads: Feb 11 20:16:18 nibbler NetworkManager: <info> Starting VPN service 'org.freedesktop.NetworkManager.openvpn'... Feb 11 20:16:18 nibbler NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 7289 Feb 11 20:16:18 nibbler NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.openvpn' just appeared, activating connections Feb 11 20:16:18 nibbler NetworkManager: <info> VPN plugin state changed: 1 Feb 11 20:16:18 nibbler NetworkManager: <info> VPN plugin state changed: 3 Feb 11 20:16:18 nibbler nm-openvpn[7291]: OpenVPN 2.1.1 x86_64-redhat-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Jan 5 2010 Feb 11 20:16:18 nibbler nm-openvpn[7291]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Feb 11 20:16:18 nibbler nm-openvpn[7291]: WARNING: file '/home/nibbler/static.key' is group or others accessible Feb 11 20:16:18 nibbler nm-openvpn[7291]: LZO compression initialized Feb 11 20:16:18 nibbler nm-openvpn[7291]: TUN/TAP device tun0 opened Feb 11 20:16:18 nibbler nm-openvpn[7291]: /sbin/ip link set dev tun0 up mtu 1500 Feb 11 20:16:18 nibbler kernel: tun0: Disabled Privacy Extensions Feb 11 20:16:18 nibbler NetworkManager: <info> VPN connection 'vpsville' (Connect) reply received. Feb 11 20:16:18 nibbler nm-openvpn[7291]: /sbin/ip addr add dev tun0 local 172.16.10.2 peer 172.16.10.1 Feb 11 20:16:18 nibbler nm-openvpn[7291]: /usr/libexec/nm-openvpn-service-openvpn-helper tun0 1500 1547 172.16.10.2 172.16.10.1 init Feb 11 20:16:18 nibbler NetworkManager: <info> VPN plugin failed: 2 Feb 11 20:16:18 nibbler nm-openvpn[7291]: script failed: external program exited with error status: 1 Feb 11 20:16:18 nibbler nm-openvpn[7291]: Exiting Feb 11 20:16:18 nibbler NetworkManager: <info> VPN plugin failed: 1 Feb 11 20:16:18 nibbler NetworkManager: <info> VPN plugin state changed: 6 Feb 11 20:16:18 nibbler NetworkManager: <info> VPN plugin state change reason: 0 Feb 11 20:16:18 nibbler NetworkManager: <WARN> connection_state_changed(): Could not process the request because no VPN connection was active. Feb 11 20:16:18 nibbler NetworkManager: <info> Policy set 'Auto NeoSoftHouse' (wlan0) as default for routing and DNS. Expected results: A working VPN connection. Additional info: Output from 'openvpn --config vpsville.ovpn': [root@nibbler nibbler]# openvpn --config vpsville.ovpn Thu Feb 11 20:15:30 2010 OpenVPN 2.1.1 x86_64-redhat-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Jan 5 2010 Thu Feb 11 20:15:30 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Thu Feb 11 20:15:30 2010 WARNING: file '/home/nibbler/static.key' is group or others accessible Thu Feb 11 20:15:30 2010 Static Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Thu Feb 11 20:15:30 2010 Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Thu Feb 11 20:15:30 2010 Static Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Thu Feb 11 20:15:30 2010 Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Thu Feb 11 20:15:30 2010 LZO compression initialized Thu Feb 11 20:15:30 2010 ROUTE default_gateway=77.221.0.1 Thu Feb 11 20:15:30 2010 TUN/TAP device tun0 opened Thu Feb 11 20:15:30 2010 TUN/TAP TX queue length set to 100 Thu Feb 11 20:15:30 2010 /sbin/ip link set dev tun0 up mtu 1500 Thu Feb 11 20:15:30 2010 /sbin/ip addr add dev tun0 local 172.16.10.2 peer 172.16.10.1 Thu Feb 11 20:15:30 2010 /sbin/ip route add 77.74.199.62/32 via 77.221.0.1 Thu Feb 11 20:15:30 2010 /sbin/ip route add 0.0.0.0/1 via 172.16.10.1 Thu Feb 11 20:15:30 2010 /sbin/ip route add 128.0.0.0/1 via 172.16.10.1 Thu Feb 11 20:15:30 2010 Data Channel MTU parms [ L:1547 D:1450 EF:47 EB:135 ET:0 EL:0 AF:3/1 ] Thu Feb 11 20:15:30 2010 Local Options hash (VER=V4): '738119e3' Thu Feb 11 20:15:30 2010 Expected Remote Options hash (VER=V4): '9167d5f8' Thu Feb 11 20:15:30 2010 Attempting to establish TCP connection with 77.74.199.62:12056 [nonblock] Thu Feb 11 20:15:31 2010 TCP connection established with 77.74.199.62:12056 Thu Feb 11 20:15:31 2010 Socket Buffers: R=[87380->131072] S=[16384->131072] Thu Feb 11 20:15:31 2010 TCPv4_CLIENT link local: [undef] Thu Feb 11 20:15:31 2010 TCPv4_CLIENT link remote: 77.74.199.62:12056 Thu Feb 11 20:15:31 2010 Peer Connection Initiated with 77.74.199.62:12056 Thu Feb 11 20:15:32 2010 Initialization Sequence Completed vpsville.ovpn: dev tun remote 77.74.199.62 ifconfig 172.16.10.2 172.16.10.1 keepalive 10 60 proto tcp-client port 12056 persist-tun persist-key comp-lzo verb 3 # uncomment the following line if you want ALL traffic going through your VPSVille VPN redirect-gateway def1 secret /home/nibbler/static.key
Just noticed some additional messages in ~/.xsession-errors ** (nm-connection-editor:7112): WARNING **: Invalid setting VPN: static-key and ** (nm-applet:1534): WARNING **: handle_property_changed: property 'vpn-state' changed but wasn't defined by object type NMVPNConnection.
Was recently fixed upstream: http://git.gnome.org/browse/network-manager-openvpn/commit/?id=1f19af065e71cd3f17e1720f09c637e8f2e8fbe3 should make its way into an F12 update quite soon.
NetworkManager-openvpn-0.8-2.git20100411.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/NetworkManager-openvpn-0.8-2.git20100411.fc13
NetworkManager-openvpn-0.8-2.git20100411.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/NetworkManager-openvpn-0.8-2.git20100411.fc12
NetworkManager-openvpn-0.8-2.git20100411.fc12 has been pushed to the Fedora 12 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update NetworkManager-openvpn'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/NetworkManager-openvpn-0.8-2.git20100411.fc12
NetworkManager-openvpn-0.8.1-1.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/NetworkManager-openvpn-0.8.1-1.fc13
NetworkManager-openvpn-0.8.1-1.fc13 has been pushed to the Fedora 13 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update NetworkManager-openvpn'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/NetworkManager-openvpn-0.8.1-1.fc13
NetworkManager-openvpn-0.8.1-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.