[Bug 390127] [NEW] Network Manager OpenVPN fails to connect
rlogiacco
rlogiacco at smartlab.net
Sun Jun 21 03:17:15 UTC 2009
Public bug reported:
Binary package hint: network-manager-openvpn
When I try to connect to my company vpn using openvpn the applet reports
the connection is established but no packet is able to pass through the
tunnel.
Here follows the excerpt from the syslog regarding the connection start:
Jun 21 05:04:55 smartnote NetworkManager: <info> Starting VPN service 'org.freedesktop.NetworkManager.openvpn'...
Jun 21 05:04:55 smartnote NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 31975
Jun 21 05:04:55 smartnote NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.openvpn' just appeared, activating connections
Jun 21 05:04:55 smartnote NetworkManager: <info> VPN plugin state changed: 1
Jun 21 05:04:55 smartnote NetworkManager: <info> VPN plugin state changed: 3
Jun 21 05:04:55 smartnote NetworkManager: <info> VPN connection 'smartlab.net' (Connect) reply received.
Jun 21 05:04:55 smartnote nm-openvpn[31979]: OpenVPN 2.1_rc11 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Mar 9 2009
Jun 21 05:04:55 smartnote nm-openvpn[31979]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Jun 21 05:04:55 smartnote nm-openvpn[31979]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jun 21 05:04:55 smartnote nm-openvpn[31979]: WARNING: file '/home/rlogiacco/vpn/rlogiacco.key' is group or others accessible
Jun 21 05:04:55 smartnote nm-openvpn[31979]: /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Jun 21 05:04:55 smartnote nm-openvpn[31979]: WARNING: file '/home/rlogiacco/vpn/tls-auth.key' is group or others accessible
Jun 21 05:04:55 smartnote nm-openvpn[31979]: Control Channel Authentication: using '/home/rlogiacco/vpn/tls-auth.key' as a OpenVPN static key file
Jun 21 05:04:55 smartnote nm-openvpn[31979]: UDPv4 link local: [undef]
Jun 21 05:04:55 smartnote nm-openvpn[31979]: UDPv4 link remote: 87.24.149.179:1194
Jun 21 05:04:57 smartnote nm-openvpn[31979]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1573', remote='link-mtu 1589'
Jun 21 05:04:57 smartnote nm-openvpn[31979]: WARNING: 'cipher' is used inconsistently, local='cipher BF-CBC', remote='cipher AES-128-CBC'
Jun 21 05:04:57 smartnote nm-openvpn[31979]: [www.smartlab.net] Peer Connection Initiated with 87.24.149.179:1194
Jun 21 05:04:58 smartnote nm-openvpn[31979]: Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:3: ip-win32 (2.1_rc11)
Jun 21 05:04:58 smartnote nm-openvpn[31979]: TUN/TAP device tap0 opened
Jun 21 05:04:58 smartnote nm-openvpn[31979]: /sbin/ifconfig tap0 192.168.254.2 netmask 255.255.255.0 mtu 1500 broadcast 192.168.254.255
Jun 21 05:04:58 smartnote avahi-daemon[3342]: Joining mDNS multicast group on interface tap0.IPv4 with address 192.168.254.2.
Jun 21 05:04:58 smartnote avahi-daemon[3342]: New relevant interface tap0.IPv4 for mDNS.
Jun 21 05:04:58 smartnote avahi-daemon[3342]: Registering new address record for 192.168.254.2 on tap0.IPv4.
Jun 21 05:04:58 smartnote nm-system-settings: SCPlugin-Ifupdown: device added (udi: /org/freedesktop/Hal/devices/net_0a_2c_1a_cc_63_6f, iface: tap0): not well known
Jun 21 05:04:58 smartnote nm-openvpn[31979]: /usr/lib/network-manager-openvpn/nm-openvpn-service-openvpn-helper tap0 1500 1573 192.168.254.2 255.255.255.0 init
Jun 21 05:04:58 smartnote nm-openvpn[31979]: Initialization Sequence Completed
Jun 21 05:04:58 smartnote NetworkManager: <info> VPN connection 'smartlab.net' (IP Config Get) reply received.
Jun 21 05:04:58 smartnote NetworkManager: <info> VPN Gateway: 87.24.149.179
Jun 21 05:04:58 smartnote NetworkManager: <info> Internal Gateway: 192.168.254.1
Jun 21 05:04:58 smartnote NetworkManager: <info> Tunnel Device: tap0
Jun 21 05:04:58 smartnote NetworkManager: <info> Internal IP4 Address: 192.168.254.2
Jun 21 05:04:58 smartnote NetworkManager: <info> Internal IP4 Prefix: 24
Jun 21 05:04:58 smartnote NetworkManager: <info> Internal IP4 Point-to-Point Address: 0.0.0.0
Jun 21 05:04:58 smartnote NetworkManager: <info> Maximum Segment Size (MSS): 0
Jun 21 05:04:58 smartnote NetworkManager: <info> Static Route: 192.168.3.0/24 Next Hop: 192.168.3.0
Jun 21 05:04:58 smartnote NetworkManager: <info> Static Route: 192.168.10.0/24 Next Hop: 192.168.10.0
Jun 21 05:04:58 smartnote NetworkManager: <info> Internal IP4 DNS: 192.168.3.1
Jun 21 05:04:58 smartnote NetworkManager: <info> DNS Domain: 'smartlab.net'
Jun 21 05:04:58 smartnote NetworkManager: <info> Login Banner:
Jun 21 05:04:58 smartnote NetworkManager: <info> -----------------------------------------
Jun 21 05:04:58 smartnote NetworkManager: <info> (null)
Jun 21 05:04:58 smartnote NetworkManager: <info> -----------------------------------------
Jun 21 05:04:58 smartnote avahi-daemon[3342]: Withdrawing address record for 192.168.254.2 on tap0.
Jun 21 05:04:58 smartnote avahi-daemon[3342]: Leaving mDNS multicast group on interface tap0.IPv4 with address 192.168.254.2.
Jun 21 05:04:58 smartnote avahi-daemon[3342]: Interface tap0.IPv4 no longer relevant for mDNS.
Jun 21 05:04:58 smartnote avahi-daemon[3342]: Joining mDNS multicast group on interface tap0.IPv4 with address 192.168.254.2.
Jun 21 05:04:58 smartnote avahi-daemon[3342]: New relevant interface tap0.IPv4 for mDNS.
Jun 21 05:04:58 smartnote avahi-daemon[3342]: Registering new address record for 192.168.254.2 on tap0.IPv4.
Jun 21 05:04:59 smartnote NetworkManager: <info> (tap0): writing resolv.conf to /sbin/resolvconf
Jun 21 05:04:59 smartnote NetworkManager: <info> VPN connection 'smartlab.net' (IP Config Get) complete.
Jun 21 05:04:59 smartnote NetworkManager: <info> (tap0): writing resolv.conf to /sbin/resolvconf
Jun 21 05:04:59 smartnote NetworkManager: <info> Policy set 'smartlab.net' (tap0) as default for routing and DNS.
Jun 21 05:04:59 smartnote NetworkManager: <info> VPN plugin state changed: 4
Jun 21 05:04:59 smartnote nm-dispatcher.action: Script '/etc/NetworkManager/dispatcher.d/01ifupdown' exited with error status 1.
Jun 21 05:05:00 smartnote avahi-daemon[3342]: Registering new address record for fe80::82c:1aff:fecc:636f on tap0.*.
Jun 21 05:05:03 smartnote nm-system-settings: Added default wired connection 'Auto tap0' for /org/freedesktop/Hal/devices/net_0a_2c_1a_cc_63_6f
Jun 21 05:05:08 smartnote nm-openvpn[31979]: Authenticate/Decrypt packet error: cipher final failed
Jun 21 05:05:09 smartnote kernel: [52952.936146] tap0: no IPv6 routers present
Jun 21 05:05:18 smartnote nm-openvpn[31979]: Authenticate/Decrypt packet error: cipher final failed
Jun 21 05:05:48 smartnote last message repeated 3 times
When I stop the vpn connection this is what I get:
Jun 21 05:06:58 smartnote nm-openvpn[31979]: Authenticate/Decrypt packet error: cipher final failed
Jun 21 05:06:58 smartnote nm-openvpn[31979]: [www.smartlab.net] Inactivity timeout (--ping-restart), restarting
Jun 21 05:06:58 smartnote nm-openvpn[31979]: SIGUSR1[soft,ping-restart] received, process restarting
Jun 21 05:07:00 smartnote nm-openvpn[31979]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Jun 21 05:07:00 smartnote nm-openvpn[31979]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jun 21 05:07:00 smartnote nm-openvpn[31979]: Re-using SSL/TLS context
Jun 21 05:07:11 smartnote NetworkManager: <info> (tap0): writing resolv.conf to /sbin/resolvconf
Jun 21 05:07:11 smartnote avahi-daemon[3342]: Interface tap0.IPv4 no longer relevant for mDNS.
Jun 21 05:07:11 smartnote avahi-daemon[3342]: Leaving mDNS multicast group on interface tap0.IPv4 with address 192.168.254.2.
Jun 21 05:07:11 smartnote avahi-daemon[3342]: Withdrawing address record for fe80::82c:1aff:fecc:636f on tap0.
Jun 21 05:07:11 smartnote avahi-daemon[3342]: Withdrawing address record for 192.168.254.2 on tap0.
Jun 21 05:07:11 smartnote avahi-daemon[3342]: Withdrawing address record for 192.168.0.75 on wlan0.
Jun 21 05:07:11 smartnote avahi-daemon[3342]: Leaving mDNS multicast group on interface wlan0.IPv4 with address 192.168.0.75.
Jun 21 05:07:11 smartnote avahi-daemon[3342]: Interface wlan0.IPv4 no longer relevant for mDNS.
Jun 21 05:07:11 smartnote avahi-daemon[3342]: Joining mDNS multicast group on interface wlan0.IPv4 with address 192.168.0.75.
Jun 21 05:07:11 smartnote avahi-daemon[3342]: New relevant interface wlan0.IPv4 for mDNS.
Jun 21 05:07:11 smartnote avahi-daemon[3342]: Registering new address record for 192.168.0.75 on wlan0.IPv4.
Jun 21 05:07:12 smartnote NetworkManager: <info> (wlan0): writing resolv.conf to /sbin/resolvconf
Jun 21 05:07:12 smartnote NetworkManager: <info> Policy set 'Auto home' (wlan0) as default for routing and DNS.
Jun 21 05:07:12 smartnote nm-dispatcher.action: Script '/etc/NetworkManager/dispatcher.d/01ifupdown' exited with error status 1.
Jun 21 05:07:13 smartnote nm-system-settings: SCPlugin-Ifupdown: devices removed (udi: /org/freedesktop/Hal/devices/net_0a_2c_1a_cc_63_6f)
Jun 21 05:07:25 smartnote NetworkManager: <debug> [1245553645.002316] ensure_killed(): waiting for vpn service pid 31975 to exit
Jun 21 05:07:25 smartnote NetworkManager: <debug> [1245553645.002454] ensure_killed(): vpn service pid 31975 cleaned up
Jun 21 05:10:01 smartnote /USR/SBIN/CRON[32191]: (root) CMD ([ -x /usr/sbin/update-motd ] && /usr/sbin/update-motd 2>/dev/null)
###
Description: Ubuntu 9.04
Release: 9.04
network-manager-openvpn:
Installed: 0.7.1~rc4.1.20090323+bzr27-0ubuntu2
Candidate: 0.7.1~rc4.1.20090323+bzr27-0ubuntu2
Version table:
*** 0.7.1~rc4.1.20090323+bzr27-0ubuntu2 0
500 http://it.archive.ubuntu.com jaunty/universe Packages
100 /var/lib/dpkg/status
** Affects: network-manager-openvpn (Ubuntu)
Importance: Undecided
Status: New
--
Network Manager OpenVPN fails to connect
https://bugs.launchpad.net/bugs/390127
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list