Hide Forgot
Description of problem: When trying to connect to a Cisco VPN via NetworkManager in Gnome 3, connection fails after some seconds without reason. If I try to build up the connection via shell command "vpnc /etc/vpnc/my-conf-file.conf" (as root), everything works fine. Version-Release number of selected component (if applicable): NetworkManager-vpnc.x86_64 1:0.8.999-2.fc15 vpnc.x86_64 0.5.3-9.fc15 How reproducible: always Steps to Reproduce: 1. try to connect to a cisco vpn via networkmanager 2. 3. Actual results: connection fails Expected results: connecting properly to vpnc like with command "vpnc". Additional info: /var/log/messages reveals: Jun 3 10:16:18 fedora vpnc[1832]: can't open pidfile /var/run/vpnc/pid for writing Jun 3 10:16:19 fedora NetworkManager[812]: <info> VPN connection 'my-vpnc-host' (IP Config Get) complete. Jun 3 10:16:19 fedora NetworkManager[812]: <info> Policy set 'my-vpnc-host (automatisch)' (wlan0) as default for IPv4 routing and DNS. Jun 3 10:16:19 fedora NetworkManager[812]: <info> VPN plugin state changed: 4 Jun 3 10:18:46 fedora vpnc[1832]: select: Interrupted system call Jun 3 10:18:46 fedora vpnc[1832]: terminated by signal: 15
Creating the directory /var/run/vpnc manually before connecting does NOT solve this problem! Touching /var/run/vpnc/pid manually even produces selinux-errors (since the context for /var/run/vpnc/pid is wrong, of course)...
This problem persists, even though I don't get the error concerning /var/run/vpnc/pid anymore. I'm still not able to establish a vpnc connection via NetworkManager. It works with shell command "vpnc my-vpnc.conf" though.
Still no connection to vpnc via NetworkManager. It works in Ubuntu 11.04, Ubuntu 10.10, Scientific Linux 5.6 and with Fuduntu (which is basically Fedora 14). So why doesn't it work with Fedora 15? NetworkManager version is: 1:0.8.9997-5.git20110702.fc15 and NetworkManager-vpnc: 1:0.8.999-2.fc15 vpnc: 0.5.3-9.fc15
Still not working in Fedora 16 (x86_64) running Gnome. Still the same behaviour of NetworkManager. I still have to use the command-line "vpnc" to connect. Is this so hard to solve?
Issue persists on Fedora 16, i.e. NetworkManager can't establish a cisco-vpn-connection (without error messages), even though setting up the connection with "vpnc" manually works flawlessly. NetworkManager.x86_64 1:0.9.2-1.fc16 NetworkManager-vpnc.x86_64 1:0.9.0-1.fc16 vpnc.x86_64 0.5.3-13.svn457.fc16
Can you paste the config you're using when running vpnc manually? Also, you can get a lot more debug output from the NM side if you, as root: 1) killall -TERM nm-vpnc-service 2) /usr/libexec/nm-vpnc-service --debug --persist 3) attempt to connect to the VPN which will give us more information. That log *will* contain sensitive information, so feel free to mark the attachment private or analyze it. I believe it's likely a case of missing configuration on the NM side of things.
My vpnc-config is really short, so no need for an attachment: IPSec gateway XXX.XXX.XXX.XXX IPSec ID <any-id> IPSec secret <any-secret> Xauth username <any-username> Xauth password <any-password> Please note, that the "secret" contains an exclamation mark as well as a dollar sign. All other characters in the config are numbers, hyphens and letters. But I don't think "$" or "!" are possible problems. Unfortunately, I won't be able to provide you with the output of nm-vpnc-service in the next 20 days, since I'm on holiday and don't have access to a Cicso VPN before April. But I will bookmark this Bug report and answer as soon as possible.
Created attachment 575096 [details] Output from nm-vpnc-service --debug Please note, that I double checked that all data in the nm-vpnc-config is the same as in the vpnc-config. I have no idea, why there is "no response from target". With vpnc it _never_ fails.
For what it's worth, it appears to work fine in f17.
Yes, at the moment I think you are right. But it needs some further testing with my university's old cisco vpn. I'm going to make some more tests in the next week and if everything works fine, I will mark this bug WORKSFORME, since I'm not using Fedora 16 anymore.
There should be no difference between F16 and F17 as the latest packages NetworkManager-0.9.4-6.git20120521.fc16 NetworkManager-0.9.4.0-9.git20120521.fc17 are based on the same code.
Indeed, there is no difference between Fedora 16 and Fedora 17 - it still doesn't work. In the meantime I had the opportunity to test it in the old environment - still the same problem as reported in the first post.
VPNC connection works without any problem for me both using NetworkManager and plain vpnc with latest F17 packages: vpnc-0.5.3-14.svn457.fc17.x86_64 NetworkManager-0.9.4.0-9.git20120521.fc17.x86_64 NetworkManager-vpnc-0.9.3.997-1.fc17.x86_64 kernel-3.5.2-3.fc17.x86_64 tuxor, if you still experience the issue would you post your package versions and debug output from running plain vpnc to compare with comment #8's log. You can enable debug logs by adding the following two lines to your vpnc conf file: No Detach Debug 3 Some (hopefully) related links: http://lists.unix-ag.uni-kl.de/pipermail/vpnc-devel/2011-July/003567.html https://bugs.launchpad.net/ubuntu/+source/vpnc/+bug/1021225 https://bugs.launchpad.net/ubuntu/+source/vpnc/+bug/257451
I won't be able to run tests before October, because I'm not anywhere near the university network where I'm usually reliant on a working vpnc connection. But I promise, I'm going to report back as soon as possible. Meanwhile Yann Soubeyrand asked me to forward his latest finding that he already mentioned in the gnome bugzilla (see https://bugzilla.gnome.org/show_bug.cgi?id=567122): "I've tried to run VPNC manually with all the options network-manager-vpnc uses and it works with all the parameters except --local-port 0."
GUI option for Local Port has been added to Advanced dialog in vpnc plugin: e0fe5b3b12e94fbcbca305b358f962bf6a5cbfa1 (master)
Jiri Klimes' suggestion helped: "In the meantime, you can add this line Local Port=500 into [vpn] section of /etc/NetworkManager/system-connections/<your_vpn_file>" It solves the issue for me. I haven't had the opportunity testing the GUI option though. If you want you can mark this bug solved. I will wait for the GUI option before marking it solved myself.
Fedora 16 changed to end-of-life (EOL) status on 2013-02-12. Fedora 16 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. Thank you for reporting this bug and we are sorry it could not be fixed.