Red Hat Bugzilla – Bug 845599
Cannot connect to Cisco VPN using NM-openswan plugin
Last modified: 2013-11-02 13:43:25 EDT
Description of problem:
Cannot connect to Cisco VPN with NetworkManager-openswan. Using openswan directly works as expected.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Create a VPN profile to connect to a Cisco VPN endpoint
2. Attempt to connect
nothing happens, connection fails, but there is no notification why.
connection is established.
Proposing as a blocker since openswan is only VPN solution provided by Networkmanager.
openswan does not use tun interface, so ip_iface and ip_ifindex are not valid.
Aug 3 16:07:04 dhcp-29-57 NetworkManager: nm_system_iface_set_up: assertion `ifindex > 0' failed
Aug 3 16:07:04 dhcp-29-57 NetworkManager: nm_system_apply_ip4_config: assertion `ifindex > 0' failed
Aug 3 16:07:04 dhcp-29-57 NetworkManager: <warn> VPN connection 'RH' did not receive valid IP config information.
The assertions are fixed by:
However, we need to make some changes in both NM and the NM-openswan plugin in order to make openswan work again. See attached patches.
Created attachment 663111 [details]
[PATCH] NM patch correcting the behaviour when no tun device is used
This patch allows VPN connections not to use tun device.
Created attachment 663112 [details]
[PATCH] NM-openswan plugin patch indicating no tun is used
This patch makes NM-openswan tell NM that tun device is not used.
(In reply to comment #6)
> Created attachment 663112 [details]
> [PATCH] NM-openswan plugin patch indicating no tun is used
> This patch makes NM-openswan tell NM that tun device is not used.
I can add this patch to NM-openswan, but on RHEL6 it works without this patch. Thats why I created bug 865883 as it is a regression.
I have committed the NM-openswan patch into f19/f18 and rhel7 and new builds have been created.
This bug should probably be closed with CURRENT_RELEASE?