On 02/27/16 07:34, Stephen Morris wrote: > On 26/02/16 19:36, Ed Greshko wrote: >> >> On 02/26/16 15:58, Stephen Morris wrote: >>> On 26/02/16 08:42, Rick Stevens wrote: >>>> On 02/25/2016 01:35 PM, Stephen Morris wrote: >>>>> Hi, >>>>> >>>>> I am trying to my vpn service provider using instructions they >>>>> provide for Ubuntu Mint as the only information they provide for Linux. >>>>> When I go into Networkmanager and create a new Openvpn connection and >>>>> try to connect to it, I get a popup saying the connection failed and one >>>>> of the messages seems to be indicating that I am missing a plugin. >>>>> >>>>> As far as I can see I have every Networkmanager vpn plugin >>>>> installed, so I am at a loss trying to understand the message. Is >>>>> anybody able to shed any light on what/where I need to look to try to >>>>> identify what the connection issues are? >>>> Please include the EXACT error message you're getting. It may not be >>>> a NetworkMangler plugin you're missing--rather an openvpn module or >>>> OpenSSL module. >>> Below is all the messages appearing in the notification dialog when the >>> connection >>> fails, in the order they are displayed from top to bottom. >>> >>> Failed to activate connection >>> Device failed >>> Failed to deactivate connection >>> Connection updated >>> Missing VPN plugin >>> Failed to update connection >>> Connection removed >>> Connection added >>> Failed to remove connection >>> Failed to get secrets >>> Connection deactivated >>> Connection activated >>> Failed to add connection >>> Failed to request scan >>> >> If you do >> >> journalctl -b 0 -l --unit=NetworkManager > I issued this command and found the following messages which means I will now > need to > play around with the configuration to resolve, particularly the certificate > issue, as a > certificate to use is specified in the client. > > Feb 27 10:27:44 localhost.localdomain nm-openvpn[2542]: OpenVPN 2.3.10 > x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] > built on Jan > 4 2016 > Feb 27 10:27:44 localhost.localdomain nm-openvpn[2542]: library versions: > OpenSSL > 1.0.2f-fips 28 Jan 2016, LZO 2.08 > Feb 27 10:27:44 localhost.localdomain nm-openvpn[2542]: WARNING: No server > certificate > verification method has been enabled. See http://openvpn.net/howto.html#mitm > for more > info. > Feb 27 10:27:44 localhost.localdomain nm-openvpn[2542]: NOTE: the current > --script-security setting may allow this configuration to call user-defined > scripts > Feb 27 10:27:44 localhost.localdomain nm-openvpn[2542]: WARNING: normally if > you use > --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it > is 1557) > Feb 27 10:27:44 localhost.localdomain nm-openvpn[2542]: NOTE: UID/GID > downgrade will be > delayed because of --client, --pull, or --up-delay > Feb 27 10:27:44 localhost.localdomain nm-openvpn[2542]: UDPv4 link local: > [undef] > Feb 27 10:27:44 localhost.localdomain nm-openvpn[2542]: UDPv4 link remote: > [AF_INET]45.58.127.234:443 > Feb 27 10:27:46 localhost.localdomain nm-openvpn[2542]: WARNING: 'link-mtu' > is used > inconsistently, local='link-mtu 1614', remote='link-mtu 1557' > Feb 27 10:27:46 localhost.localdomain nm-openvpn[2542]: WARNING: 'tun-mtu' is > used > inconsistently, local='tun-mtu 1557', remote='tun-mtu 1500' > Feb 27 10:27:46 localhost.localdomain nm-openvpn[2542]: [VPN] Peer Connection > Initiated > with [AF_INET]45.58.127.234:443 > Feb 27 10:27:49 localhost.localdomain nm-openvpn[2542]: TUN/TAP device tun0 > opened > Feb 27 10:27:49 localhost.localdomain nm-openvpn[2542]: > /usr/libexec/nm-openvpn-service-openvpn-helper --tun -- tun0 1557 1614 > 10.10.8.10 > 10.10.8.9 init > >> >> Do you get better info? >> >> Here is an example of a successful openvpn connection... >> >> http://paste.fedoraproject.org/329720/47555814/ >> > Is the information you have shown in the link above an excerpt from syslog?
No, it is the output from journalctl on my system with a working openVPN connection. The warning about "server certificate" is only a warning. I don't use that option/feature and there is no problem. > Having found some information around how I need to configure the > NetworkManager > connection I now have the vpn connection working. > The messages I have shown above that I didn't understand, was all because of > my > stupidity. The button I clicked on in the connection failure notification > also shows the > same thing when clicked on in the successful connection notification. What I > now think > it was, is that these are things that NetworkManager knows how to detect, and > it was > asking how I wanted notification of those messages if they occurred. > Sorry for all the trouble I put people to due to my lack of understanding of > something, > that in hindsight should have been obvious to me as to what it was. > > Having got the interface working, its performance potentially explains why > the cost of > lifetime membership was dropped from $1000US to $40US. > Good that you have it working. -- In reality, some people should stick to running Windows and others should stay away from computers altogether. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
