https://bugs.kde.org/show_bug.cgi?id=479937
Knut Andre Tidemann <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDSINFO |REPORTED Version First|5.27.10 |6.4.3 Reported In| | Resolution|WAITINGFORINFO |--- --- Comment #3 from Knut Andre Tidemann <[email protected]> --- This is still an issue in Plasma 6.4.3 (tested in 6.4.2 as well). When connecting from the plasma widget (or typing nmcli connection up VPN without --ask), the login prompt appears. I enter the Username and Password, wait a few seconds to get the 2FA prompt on my phone and accept that. Then the login succeeds and I'm presented with the 'Gateway' option where the only one available is already selected and press the 'Login' button. The dialog then closes but the VPN connection is disconnected. When entering credentials from the CLI with nmcli --ask, everything works, the Gateway is auto selected to the same as displayed in the dialog (we only have one anyways). Here is the journal from the failed attempt: Jul 16 19:04:27 kyle plasmashell[1456]: QDBusObjectPath: invalid path "" Jul 16 19:04:27 kyle NetworkManager[869]: <info> [1752685467.7828] vpn[0x560275e0fa20,040f8208-cd33-45b7-8f5a-8805f67317d1,"VPN"]: starting openconnect Jul 16 19:04:27 kyle NetworkManager[869]: <info> [1752685467.7829] audit: op="connection-activate" uuid="040f8208-cd33-45b7-8f5a-8805f67317d1" name="VPN" pid=1456 uid=1000 result="success" Jul 16 19:04:27 kyle kernel: tun: Universal TUN/TAP device driver, 1.6 Jul 16 19:04:27 kyle kded6[1400]: org.kde.plasma.nm.kded: Unhandled VPN connection state change: NetworkManager::VpnConnection::NeedAuth Jul 16 19:04:27 kyle systemd[1158]: Created slice Slice /app/dbus-:1.2-org.kde.kwalletd6. Jul 16 19:04:27 kyle systemd[1158]: Started dbus-:[email protected]. Jul 16 19:04:27 kyle kwalletd6[2253]: g_dbus_proxy_get_object_path: assertion 'G_IS_DBUS_PROXY (proxy)' failed Jul 16 19:04:44 kyle kded6[1400]: QFormLayout::takeAt: Invalid index 0 Jul 16 19:04:51 kyle kded6[1400]: QFormLayout::takeAt: Invalid index 0 Jul 16 19:04:51 kyle kded6[1400]: org.kde.plasma.nm.kded: Unhandled VPN connection state change: NetworkManager::VpnConnection::Connecting Jul 16 19:04:51 kyle NetworkManager[869]: <info> [1752685491.9195] manager: (vpn0): new Tun device (/org/freedesktop/NetworkManager/Devices/3) Jul 16 19:04:51 kyle NetworkManager[869]: <info> [1752685491.9221] audit: op="connection-update" uuid="040f8208-cd33-45b7-8f5a-8805f67317d1" name="VPN" args="vpn.secrets" pid=1400 uid=1000 result="success" Jul 16 19:04:51 kyle NetworkManager[2292]: POST https://10.0.0.1/ssl-vpn/getconfig.esp Jul 16 19:04:51 kyle NetworkManager[2292]: Connected to 10.0.0.1:443 Jul 16 19:04:51 kyle NetworkManager[2292]: SSL negotiation with 10.0.0.1 Jul 16 19:04:51 kyle NetworkManager[2292]: Server certificate verify failed: signer not found Jul 16 19:04:51 kyle NetworkManager[2292]: Connected to HTTPS on 10.0.0.1 with ciphersuite (TLS1.2)-(ECDHE-SECP256R1)-(RSA-SHA256)-(AES-256-GCM) Jul 16 19:04:51 kyle NetworkManager[2292]: Failed to read from TLS/DTLS socket: Error in the pull function. Jul 16 19:04:51 kyle NetworkManager[2292]: Error reading HTTP response: Input/output error Jul 16 19:04:51 kyle NetworkManager[2292]: Creating SSL connection failed Jul 16 19:04:51 kyle NetworkManager[2292]: Unrecoverable I/O error; exiting. Jul 16 19:04:51 kyle NetworkManager[869]: <warn> [1752685491.9726] vpn[0x560275e0fa20,040f8208-cd33-45b7-8f5a-8805f67317d1,"VPN"]: dbus: failure: connect-failed (1) Jul 16 19:04:51 kyle NetworkManager[869]: <warn> [1752685491.9726] vpn[0x560275e0fa20,040f8208-cd33-45b7-8f5a-8805f67317d1,"VPN"]: dbus: failure: connect-failed (1) And here is the log from the good attempt: Jul 16 19:05:33 kyle NetworkManager[869]: <info> [1752685533.4833] agent-manager: agent[48a8c656e7732405,:1.77/nmcli-connect/1000]: agent registered Jul 16 19:05:33 kyle NetworkManager[869]: <info> [1752685533.4873] vpn[0x560275e0fa20,040f8208-cd33-45b7-8f5a-8805f67317d1,"VPN"]: starting openconnect Jul 16 19:05:33 kyle NetworkManager[869]: <info> [1752685533.4875] audit: op="connection-activate" uuid="040f8208-cd33-45b7-8f5a-8805f67317d1" name="VPN" pid=2423 uid=1000 result="success" Jul 16 19:05:33 kyle kded6[1400]: org.kde.plasma.nm.kded: Unhandled VPN connection state change: NetworkManager::VpnConnection::NeedAuth Jul 16 19:05:43 kyle kded6[1400]: org.kde.plasma.nm.kded: Unhandled VPN connection state change: NetworkManager::VpnConnection::Connecting Jul 16 19:05:43 kyle NetworkManager[869]: <info> [1752685543.3861] manager: (vpn0): new Tun device (/org/freedesktop/NetworkManager/Devices/4) Jul 16 19:05:43 kyle NetworkManager[2446]: POST https://sslvpn.example.com/ssl-vpn/getconfig.esp Jul 16 19:05:43 kyle NetworkManager[2446]: Connected to 10.0.0.1:443 Jul 16 19:05:43 kyle NetworkManager[2446]: SSL negotiation with sslvpn.example.com Jul 16 19:05:43 kyle NetworkManager[2446]: Server certificate verify failed: signer not found Jul 16 19:05:43 kyle NetworkManager[2446]: Connected to HTTPS on sslvpn.example.com with ciphersuite (TLS1.2)-(ECDHE-SECP256R1)-(RSA-SHA256)-(AES-256-GCM) Jul 16 19:05:43 kyle NetworkManager[2446]: Tunnel timeout (rekey interval) is 840 minutes. Jul 16 19:05:43 kyle NetworkManager[2446]: Idle timeout is 840 minutes. Jul 16 19:05:43 kyle NetworkManager[2446]: No MTU received. Calculated 1422 for ESP tunnel Jul 16 19:05:43 kyle NetworkManager[2446]: POST https://sslvpn.example.com/ssl-vpn/hipreportcheck.esp Jul 16 19:05:43 kyle NetworkManager[2446]: WARNING: Server asked us to submit HIP report with md5sum 740e9de209f406a1aac6d081832f3fcf. Jul 16 19:05:43 kyle NetworkManager[2446]: VPN connectivity may be disabled or limited without HIP report submission. Jul 16 19:05:43 kyle NetworkManager[2446]: You need to provide a --csd-wrapper argument with the HIP report submission script. Jul 16 19:05:43 kyle NetworkManager[2446]: ESP session established with server Jul 16 19:05:43 kyle NetworkManager[2446]: ESP tunnel connected; exiting HTTPS mainloop. Jul 16 19:05:43 kyle NetworkManager[2446]: Configured as 172.21.200.193, with SSL disconnected and ESP established Jul 16 19:05:43 kyle NetworkManager[2446]: Session authentication will expire at Thu Jul 17 19:05:43 2025 Jul 16 19:05:43 kyle kded6[1400]: org.kde.plasma.nm.kded: Unhandled VPN connection state change: NetworkManager::VpnConnection::GettingIpConfig Jul 16 19:05:43 kyle NetworkManager[869]: <info> [1752685543.4663] device (vpn0): state change: unmanaged -> unavailable (reason 'connection-assumed', managed-type: 'external') Jul 16 19:05:43 kyle NetworkManager[869]: <info> [1752685543.4670] device (vpn0): state change: unavailable -> disconnected (reason 'connection-assumed', managed-type: 'external') Jul 16 19:05:43 kyle NetworkManager[869]: <info> [1752685543.4673] device (vpn0): Activation: starting connection 'vpn0' (db589ff7-1b20-4140-b4f4-8e8347dd83d4) Jul 16 19:05:43 kyle NetworkManager[869]: <info> [1752685543.4679] device (vpn0): state change: disconnected -> prepare (reason 'none', managed-type: 'external') Jul 16 19:05:43 kyle NetworkManager[869]: <info> [1752685543.4680] device (vpn0): state change: prepare -> config (reason 'none', managed-type: 'external') Jul 16 19:05:43 kyle NetworkManager[869]: <info> [1752685543.4681] device (vpn0): state change: config -> ip-config (reason 'none', managed-type: 'external') Jul 16 19:05:43 kyle NetworkManager[869]: <info> [1752685543.4683] device (vpn0): state change: ip-config -> ip-check (reason 'none', managed-type: 'external') Jul 16 19:05:43 kyle systemd[1]: Starting Network Manager Script Dispatcher Service... Jul 16 19:05:43 kyle openconnect[2446]: Using vhost-net for tun acceleration, ring size 32 Jul 16 19:05:43 kyle systemd[1]: Started Network Manager Script Dispatcher Service. Jul 16 19:05:43 kyle NetworkManager[869]: <info> [1752685543.4914] device (vpn0): state change: ip-check -> secondaries (reason 'none', managed-type: 'external') Jul 16 19:05:43 kyle systemd-resolved[571]: vpn0: Bus client set default route setting: no Jul 16 19:05:43 kyle NetworkManager[869]: <info> [1752685543.4915] device (vpn0): state change: secondaries -> activated (reason 'none', managed-type: 'external') Jul 16 19:05:43 kyle polkitd[958]: Unregistered Authentication Agent for unix-process:2423:12139 (system bus name :1.77, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) Jul 16 19:05:43 kyle polkitd[958]: Unregistered Authentication Agent for unix-process:unknown (system bus name :1.77, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus) Jul 16 19:05:43 kyle NetworkManager[869]: <info> [1752685543.4916] device (vpn0): Activation: successful, device activated. Jul 16 19:05:43 kyle systemd-resolved[571]: vpn0: Bus client set DNS server list to: 172.20.2.3, 172.20.2.6 Jul 16 19:05:46 kyle NetworkManager[869]: <info> [1752685546.0125] audit: op="statistics" interface="enp6s0" ifindex=2 args="2000" pid=1456 uid=1000 result="success" Note that the logs have been anonymized with 10.0.0.1 IP address and 'example.com'-domain. -- You are receiving this mail because: You are watching all bug changes.
