Description of problem: OpenConnect VPN connection via NetworkManager fails with the following messages in /var/log/messages: Aug 3 12:06:23 tweety NetworkManager[517]: <info> Starting VPN service 'openconnect'... Aug 3 12:06:23 tweety NetworkManager[517]: <info> VPN service 'openconnect' started (org.freedesktop.NetworkManager.openconnect), PID 7895 Aug 3 12:06:23 tweety NetworkManager[517]: <info> VPN service 'openconnect' appeared; activating connections Aug 3 12:06:36 tweety fprintd[7859]: ** Message: No devices in use, exit Aug 3 12:06:37 tweety NetworkManager[517]: <info> VPN plugin state changed: starting (3) Aug 3 12:06:37 tweety NetworkManager[517]: <info> VPN connection 'Mycompany Corp.' (Connect) reply received. Aug 3 12:06:37 tweety NetworkManager[517]: <warn> /sys/devices/virtual/net/vpn0: couldn't determine device driver; ignoring... Aug 3 12:06:37 tweety openconnect[7909]: Attempting to connect to server ipaddressremoved:443 Aug 3 12:06:38 tweety openconnect[7909]: SSL negotiation with myaccess.mycompanyvpn.com Aug 3 12:06:38 tweety openconnect[7909]: Connected to HTTPS on myaccess.mycompanyvpn.com Aug 3 12:06:39 tweety openconnect[7909]: Got inappropriate HTTP CONNECT response: HTTP/1.1 401 Unauthorized Aug 3 12:06:39 tweety avahi-daemon[473]: Withdrawing workstation service for vpn0. Aug 3 12:06:39 tweety NetworkManager[517]: <warn> VPN plugin failed: 0 Aug 3 12:06:39 tweety NetworkManager[517]: <info> VPN plugin state changed: stopped (6) Aug 3 12:06:39 tweety NetworkManager[517]: <info> VPN plugin state change reason: 10 Aug 3 12:06:39 tweety NetworkManager[517]: <info> Policy set 'wargames' (wlp2s0) as default for IPv4 routing and DNS. Aug 3 12:06:39 tweety NetworkManager[517]: <warn> error disconnecting VPN: Could not process the request because no VPN connection was active. Aug 3 12:06:44 tweety NetworkManager[517]: <info> VPN service 'openconnect' disappeared Aug 3 12:07:06 tweety /etc/gdm/Xsession[7048]: (process:7913): GLib-CRITICAL **: g_slice_set_config: assertion `sys_page_size == 0' failed Aug 3 12:07:11 tweety /etc/gdm/Xsession[7048]: Avviso del window manager: Buggy client sent a _NET_ACTIVE_WINDOW message with a timestamp of 0 for 0x2e0007f (Mozilla Fi) Aug 3 12:07:11 tweety /etc/gdm/Xsession[7048]: Avviso del window manager: meta_window_activate called by a pager with a 0 timestamp; the pager needs to be fixed. Works fine on command line as root. Version-Release number of selected component (if applicable): openconnect-5.01-1.fc19.x86_64 gnome-desktop3-3.8.2-2.fc19.x86_64 NetworkManager-openconnect-0.9.7.0-2.git20120918.fc19.x86_64 How reproducible: Define a new Openconnect VPN and try to start it in the graphical interface. Steps to Reproduce: 1. define a simple openconnect connection via network manager applet 2. specify a vpn gateway 3. save it 4. tail -100f /var/log/messages in a shell as root 5. try to connect 6. see the above messages Actual results: VPN connection cannot start Expected results: VPN connection starts Additional info: Worked perfectly in f18.
We have the exact same problem, although another openconnect VPN works fine: This happens with the failing one: Dec 18 09:45:58 golem NetworkManager[924]: <info> VPN plugin state changed: starting (3) Dec 18 09:45:58 golem NetworkManager[924]: <info> VPN connection 'TU-Berlin' (Connect) reply received. Dec 18 09:45:58 golem NetworkManager[924]: <warn> /sys/devices/virtual/net/vpn0: couldn't determine device driver; ignoring... Dec 18 09:45:58 golem openconnect[1375]: Attempting to connect to server 130.149.5.50:443 Dec 18 09:45:58 golem openconnect[1375]: SSL negotiation with vpn.tu-berlin.de Dec 18 09:45:58 golem openconnect[1375]: Connected to HTTPS on vpn.tu-berlin.de Dec 18 09:45:58 golem openconnect[1375]: Got inappropriate HTTP CONNECT response: HTTP/1.1 401 Unauthorized Dec 18 09:45:58 golem avahi-daemon[792]: Withdrawing workstation service for vpn0. Dec 18 09:45:59 golem NetworkManager[924]: <warn> VPN plugin failed: 0 Dec 18 09:45:59 golem NetworkManager[924]: <info> VPN plugin state changed: stopped (6) Dec 18 09:45:59 golem NetworkManager[924]: <info> VPN plugin state change reason: 10 Dec 18 09:45:59 golem NetworkManager[924]: <info> Policy set 'Auto Fuchsbau25' (wlp3s0) as default for IPv4 routing and DNS. Dec 18 09:45:59 golem NetworkManager[924]: <warn> error disconnecting VPN: Could not process the request because no VPN connection was active. Dec 18 09:45:59 golem nm-applet[1629]: (nm-applet:1629): nm-applet-WARNING **: Failed to show notification: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.freedesktop.Notifications was not provided by any .service files Dec 18 09:45:59 golem NetworkManager[924]: keyfile: updating /etc/NetworkManager/system-connections/TU-Berlin Dec 18 09:46:04 golem NetworkManager[924]: <info> VPN service 'openconnect' disappeared Manual connection works: λ ~/ sudo openconnect vpn.tu-berlin.de POST https://vpn.tu-berlin.de/ Attempting to connect to server 130.149.5.50:443 SSL negotiation with vpn.tu-berlin.de Connected to HTTPS on vpn.tu-berlin.de Got HTTP response: HTTP/1.0 302 Temporary moved POST https://asa-03.vpn.tu-berlin.de/ Attempting to connect to server 130.149.5.53:443 SSL negotiation with asa-03.vpn.tu-berlin.de Connected to HTTPS on asa-03.vpn.tu-berlin.de Got HTTP response: HTTP/1.0 302 Object Moved GET https://vpn.tu-berlin.de/ SSL negotiation with vpn.tu-berlin.de Connected to HTTPS on vpn.tu-berlin.de Got HTTP response: HTTP/1.0 302 Object Moved GET https://vpn.tu-berlin.de/+webvpn+/index.html SSL negotiation with vpn.tu-berlin.de Connected to HTTPS on vpn.tu-berlin.de Please enter your username and password. Username:<USER> Password:<PASSWORD> POST https://vpn.tu-berlin.de/+webvpn+/index.html Got CONNECT response: HTTP/1.1 200 OK CSTP connected. DPD 30, Keepalive 20 Connected tun0 as <IP>, using SSL Established DTLS connection (using GnuTLS) This one also works from NetworkManager, it obviously uses a different protocol (XML POST): λ ~/ sudo openconnect vpn.fu-berlin.de POST https://vpn.fu-berlin.de/ Attempting to connect to server 160.45.252.2:443 SSL negotiation with vpn.fu-berlin.de Connected to HTTPS on vpn.fu-berlin.de XML POST enabled Please enter your username and password. Username:<USER> Password:<PASSWORD> POST https://vpn.fu-berlin.de/ Got CONNECT response: HTTP/1.1 200 OK CSTP connected. DPD 30, Keepalive 20 Connected tun0 as <IP>, using SSL Established DTLS connection (using GnuTLS)
openconnect-5.02-1.fc19 has been submitted as an update for Fedora 19. https://admin.fedoraproject.org/updates/openconnect-5.02-1.fc19
openconnect-5.02-1.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/openconnect-5.02-1.fc20
openconnect-5.02-1.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
openconnect-5.02-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.