Description of problem: Sometimes since around RHEL 6.3 NM-openvpn connection gets created but no connection actually exists (even ping to the in-VPN DNS server stalls). Version-Release number of selected component (if applicable): NetworkManager-glib-0.8.1-26.el6.x86_64 NetworkManager-gnome-0.8.1-26.el6.x86_64 NetworkManager-openswan-0.8.0-8.el6.x86_64 NetworkManager-openvpn-0.8.1-0.1.git20100609.el6.x86_64 NetworkManager-0.8.1-26.el6.x86_64 openvpn-2.2.1-1.el6.x86_64 How reproducible: 100% Steps to Reproduce: 1.connect with NM-openvpn module 2.connection gets created (lock is attached to the icon) 3.ping <IP address of an internal DNS server> Actual results: nothing, connection gets stalled Expected results: working connection Additional info:
I'm hitting it too, when I add manually the network ranges to the tun0 device, the connection starts working. Relevant part of log are these two errors (already in Matěj's attachments), I presume one of them is for each route added: Apr 3 21:34:18 dhcp-29-7 NetworkManager[10201]: <error> [1333481658.589502] [nm-system.c:187] nm_system_device_set_ip4_route(): (tun0): failed to set IPv4 route: Netlink Error (errno = No such process) Apr 3 21:34:18 dhcp-29-7 NetworkManager[10201]: <error> [1333481658.589619] [nm-system.c:187] nm_system_device_set_ip4_route(): (tun0): failed to set IPv4 route: Netlink Error (errno = No such process) and NM marks such route-less connection as complete which is a separate bug IMO: Apr 3 21:34:18 dhcp-29-7 NetworkManager[10201]: <info> VPN connection 'Red Hat AMS2 OVPN' (IP Config Get) complete. I'm also wondering if this is bug in NetworkManager proper rather than in NetworkManager-gnome
IMHO, the current theory is that it is NM-openvpn which hasn't been updated to work with the current NM.
There was a bug in a Fedora beta at one point where NM-openvpn couldn't get a route if selinux was enabled. Can you check if it's that?
(In reply to comment #5) > There was a bug in a Fedora beta at one point where NM-openvpn couldn't get a > route if selinux was enabled. Can you check if it's that? This is not the case, no AVCs are generated when connecting to the openvpn and when I set selinux to permissive mode, the problem does not go away.
The problem was introduced in NetworkManager-0.8.1-25.el6, while adding VLAN support. It's not connected with selinux, but libnl handling. The fix is available in NetworkManager-0.8.1-29.el6.
(In reply to comment #7) > The problem was introduced in NetworkManager-0.8.1-25.el6, while adding VLAN > support. It's not connected with selinux, but libnl handling. > > The fix is available in NetworkManager-0.8.1-29.el6. Confirming ... upgrade to NetworkManager-openvpn-0.8.1-0.1.git20100609.el6.x86_64 NetworkManager-gnome-0.8.1-29.el6.x86_64 NetworkManager-glib-0.8.1-29.el6.x86_64 NetworkManager-0.8.1-29.el6.x86_64 made OpenVPN plugin working again
*** Bug 809620 has been marked as a duplicate of this bug. ***