Bug 619469 - NetworkManager VPNC cannot connect
NetworkManager VPNC cannot connect
Status: CLOSED DUPLICATE of bug 514071
Product: Fedora
Classification: Fedora
Component: NetworkManager-vpnc (Show other bugs)
13
All Linux
low Severity medium
: ---
: ---
Assigned To: Dan Williams
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2010-07-29 11:44 EDT by David Chin
Modified: 2010-10-15 09:20 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-10-15 09:20:01 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description David Chin 2010-07-29 11:44:04 EDT
Description of problem:

Using a VPNC profile created with NetworkManager itself, NM cannot connect to the VPN.

Version-Release number of selected component (if applicable):

NetworkManager-0.8.1-1.fc13.x86_64
NetworkManager-vpnc-0.8.0-1.git20100411.fc13.x86_64
vpnc-0.5.3-7.fc13.x86_64
vpnc-consoleuser-0.5.3-7.fc13.x86_64


How reproducible:

Every time I attempt to connect to VPN.

Steps to Reproduce:
1. Create VPNC profile in NetworkManager
2. Click on NM icon in Notification Area and select appropriate VPN connection.
  
Actual results:

NM icon shows busy for several seconds. Then, error "bubble" pops up with this message: VPN Connection Failed. The VPN connection 'My VPN name' failed.

Expected results:

VPN connection to succeed.

Additional info:
2.6.33.6-147.fc13.x86_64 #1 SMP Tue Jul 6 22:32:17 UTC 2010 x86_64 x86_64 x86_64 GNU/Linux

I have SELinux Disabled. IP address and other network configs are manually (statically) set.

Attempts at using commandline version of vpnc. The 5th attempt below works (i.e. sudo with --local-port 0).

1. Using vpnc-consoleuser:

/usr/bin/vpnc ~/etc/vpnc/FooBar.conf 
Enter IPSec gateway address: 111.222.333.444
Enter IPSec ID for 111.222.333.444: FooBar
Enter IPSec secret for FooBar@111.222.333.444: ******** 
Enter username for 111.222.333.444: myname
Enter password for myname@111.222.333.444: 
/usr/sbin/vpnc: no response from target


2. Using vpnc directly:

/usr/sbin/vpnc ~/etc/vpnc/FooBar.conf
Enter password for myname@111.222.333.444: 
/usr/sbin/vpnc: Error binding to source port. Try '--local-port 0'
Failed to bind to 0.0.0.0:500: Permission denied


3. Using vpnc specifying '--local-port 0' (i.e. random port):

/usr/sbin/vpnc --local-port 0 ~/etc/vpnc/FooBar.conf
Enter password for myname@111.222.333.444: 
/usr/sbin/vpnc: can't initialise tunnel interface: Operation not permitted


4. Using vpnc with sudo:

sudo /usr/sbin/vpnc ~/etc/vpnc/FooBar.conf
Enter password for myname@111.222.333.444: 
/usr/sbin/vpnc: no response from target


5. Using vpnc with sudo and '--local-port 0':

sudo /usr/sbin/vpnc --local-port 0 ~/etc/vpnc/FooBar.conf
Enter password for myname@111.222.333.444: 
VPNC started in background (pid: 1120)...
Comment 1 David Chin 2010-07-29 11:46:21 EDT
To clarify: The file FooBar.conf for VPNC contains the same info as the NM profile, except I stored the obfuscated IPSec secret in the .conf.
Comment 2 David Chin 2010-07-29 12:55:25 EDT
Snippet from /var/log/messages showing NetworkManager log:


Jul 29 11:32:48 mymachine NetworkManager[1539]: <info> Starting VPN service 'org.freedesktop.NetworkManager.vpnc'...
Jul 29 11:32:48 mymachine NetworkManager[1539]: <info> VPN service 'org.freedesktop.NetworkManager.vpnc' started (org.freedesktop.NetworkManager.vpnc), PID 32544
Jul 29 11:32:48 mymachine NetworkManager[1539]: <info> VPN service 'org.freedesktop.NetworkManager.vpnc' appeared, activating connections
Jul 29 11:32:48 mymachine NetworkManager[1539]: <info> VPN plugin state changed: 3
Jul 29 11:32:48 mymachine NetworkManager[1539]: <info> VPN connection 'FooBar' (Connect) reply received.
Jul 29 11:32:48 mymachine kernel: tun0: Disabled Privacy Extensions
Jul 29 11:33:03 mymachine NetworkManager[1539]: <warn> VPN plugin failed: 1
Jul 29 11:33:03 mymachine NetworkManager[1539]: <info> VPN plugin state changed: 6
Jul 29 11:33:03 mymachine NetworkManager[1539]: <info> VPN plugin state change reason: 0
Jul 29 11:33:03 mymachine NetworkManager[1539]: <warn> error disconnecting VPN: Could not process the request because no VPN connection was active.
Jul 29 11:33:03 mymachine NetworkManager[1539]: <info> Policy set 'System eth0' (eth0) as default for IPv4 routing and DNS.
Comment 3 David Chin 2010-08-30 10:28:44 EDT
Made sure that the ipsec service was off, which it was. No change: connection still fails.

And then, tried removing the openswan package. No change: connection still fails.
Comment 4 Toni Willberg 2010-08-30 11:03:30 EDT
duplicate of bug #514071 ?
Comment 5 Jirka Klimes 2010-10-15 09:19:36 EDT
Yeah, it's duplicate of bug 514071. Why do you open new bug, David?

It is definitely something sitting on port 500 as indicated by
> /usr/sbin/vpnc ~/etc/vpnc/FooBar.conf
> Enter password for myname@111.222.333.444: 
> /usr/sbin/vpnc: Error binding to source port. Try '--local-port 0'
> Failed to bind to 0.0.0.0:500: Permission denied

Please check once more that the port is free.
I fixed the issue in bug 514071.
Comment 6 Jirka Klimes 2010-10-15 09:20:01 EDT

*** This bug has been marked as a duplicate of bug 514071 ***

Note You need to log in before you can comment on or make changes to this bug.