Description of problem: When using NM-vpnc (and NM-openvpn, but it is not that much relevant there, because it is more stable) I can see when the VPN connection is down (because of failed 23 hours rekeying or something), because then NM icon in the status bar looses the padlock icon. Unfortunately, when using NM-openswan the padlock icon is still there even though ping <server inside of VPN> doesn't give any response. If nothing else is possible, couldn't NM-openswan ping some computer inside of VPN to check the connection is actually up? Version-Release number of selected component (if applicable): NetworkManager-openswan-0.8.0-5.20100411git.fc14.x86_64 How reproducible: 100% Steps to Reproduce: 1.make VPN connection with NM-openswan 2.wait 3. Actual results: When the connection falls down, there is still padlock on the NM icon Expected results: When the connection is down, padlock should be removed Additional info:
I looked at this, here is the reason. Openswan does not create any interface like tun0 something done by vpnc. When tun0 is down, NM gets to know about it, and takes care of removing the padlock. However, as there is no such interface with Openswan, NM never comes to know about it, and does not take padlock icon away. It will probably require changes in NM, so that when openswan connection goes down, and it should take this padlock away, or it will require creating tun like interface in Openswan (but Openswan upstream does not seem comfortable with it).
So, what to do? Switch this to NM bug?
Specifically, if NM can track ip address add/delete events in addition to network interface up/down events, then it can work for Openswan. I will send email to Dan Williams, and see what are his views.
this affects RHEL 6.0 also
This has been solved in rhel (705890 738385) and patches have been upstream nm-openswan and openswan so closing it as fixed.