vpnc doesn't connect with empty user password.

I can confirm this.
Seems like there's no GUI for entering the user and group passwords upon connecting to the VPN.
It works if both passwords are stored in kwallet.

I can NOT confirm that it works if the passwords are stored in kwallet! I can still not use the vpn connection. If I click it in the gui of plasma-widget-networkmanagement on the vpn connection, nothing happens.

By the way, the link to the help-page does not work either in that widget.

Kernel: linux 2.6.31-14-generic
Architecture: x86/64
KDE: 4.3.2

This bug seems related to https://bugs.launchpad.net/ubuntu/+source/plasma-widget-networkmanagement/+bug/425466

I can also NOT confirm it working with both group and user password stored in kwallet.
Kubuntu 9.10 2.6.31-14-generic x86_64

My /var/log/daemon.log is a bit different when I have a stored password than when I don't. (Log for that seen in linked bug)

Nov 11 09:34:18 russlewi-kubuntu NetworkManager: <info> Starting VPN service 'org.freedesktop.NetworkManager.vpnc'...
Nov 11 09:34:19 russlewi-kubuntu NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.vpnc' started (org.freedesktop.NetworkManager.vpnc), PID 7412
Nov 11 09:34:19 russlewi-kubuntu NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.vpnc' just appeared, activating connections
Nov 11 09:34:21 russlewi-kubuntu NetworkManager: <info> VPN plugin state changed: 3
Nov 11 09:34:21 russlewi-kubuntu NetworkManager: <info> VPN connection 'RTP' (Connect) reply received.
Nov 11 09:34:21 russlewi-kubuntu NetworkManager: SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/tun0, iface: tun0)
Nov 11 09:34:21 russlewi-kubuntu NetworkManager: SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/tun0, iface: tun0): no ifupdown configuration found.
Nov 11 09:34:21 russlewi-kubuntu NetworkManager: SCPlugin-Ifupdown: devices removed (path: /sys/devices/virtual/net/tun0, iface: tun0)
Nov 11 09:34:22 russlewi-kubuntu NetworkManager: <info> VPN plugin failed: 0
Nov 11 09:34:22 russlewi-kubuntu NetworkManager: <info> VPN plugin state changed: 6
Nov 11 09:34:22 russlewi-kubuntu NetworkManager: <info> VPN plugin state change reason: 10
Nov 11 09:34:22 russlewi-kubuntu NetworkManager: <WARN> connection_state_changed(): Could not process the request because no VPN connection was active.
Nov 11 09:34:22 russlewi-kubuntu NetworkManager: <info> (eth0): writing resolv.conf to /sbin/resolvconf
Nov 11 09:34:22 russlewi-kubuntu NetworkManager: <info> Policy set 'Auto eth0' (eth0) as default for routing and DNS.
Nov 11 09:34:34 russlewi-kubuntu NetworkManager: <debug> [1257950074.002442] ensure_killed(): waiting for vpn service pid 7412 to exit
Nov 11 09:34:34 russlewi-kubuntu NetworkManager: <debug> [1257950074.002643] ensure_killed(): vpn service pid 7412 cleaned up

It is also worth noting that I can connect just fine using kvpnc.

On Wednesday 11 November 2009 03:39:48 pm Russell Lewis wrote:
> It is also worth noting that I can connect just fine using kvpnc.
>

kvpnc does not work here either, I find it very buggy and bad organized,
anyway.

The only thing working here is plain vpnc use via console.

Best regards!

I'll second the awfulness of KVPNC. Just try using using a laptop with other people and KVPNC. There are a lot of bugs with the profiles, which is why I'm looking forward to networkmanagement working :->

But with this bug, I have a DES card, so I can't save my user password. It changes every time I login.

On Wednesday 11 November 2009 04:09:17 pm Russell Lewis wrote:
> I'll second the awfulness of KVPNC. Just try using using a laptop with
> other people and KVPNC. There are a lot of bugs with the profiles,
> which is why I'm looking forward to networkmanagement working :->
>
> But with this bug, I have a DES card, so I can't save my user password.
> It changes every time I login.
>

I see, that must be very frustrating and even if all the vpnc gadget worked,
you'd still have a problem.

Can I ask how you get your new password everytime? Is it part of a database
(or say a table with every row as a new password)? Then a script that always
use the newest password would be quite easy to make. It would then be a one-
click connection without you having to type the new password everytime.

I could probably even help you here (no guarantee, yet *g), just tell me the
setup.

Best regards
Patrick

That's the "beauty" of the DES card. You cannot know the next password. (Obviously there is some algorithm to determine it that the VPN server and card know, but the idea is that it should not be reverse-engineer-able.) I punch in a PIN # and it spits out a password. 3 wrong PIN numbers and it locks down...

They do make a "soft token" that is essentially a software version of this card. However, the problem with a soft token (which only has Windoze and OSX clients) is that you can only login from your soft token machine. I log in from various computers (desktop, laptop, lab workstation), so the physical card is the only way to keep the correct state.

As long as I have the option to not save the user password (which networkmanagement does) and if it prompts me for that password (which it does not) I'll be able to use this.

There's a fix upstream for this. I'll look into backporting the patch to our packages.

I encountered this bug also, with a fresh install of karmic (UNR), vpnc, and network-manager-vpnc .My company's vpn requires that I enter a passcode from an RSA SecurID token, but I did not ever get prompted for such.

I did find the following workaround:

- NetworkManager \ VPN Connections \ Configure VPN
- Select my VPN connection, press 'Edit'
- change User Password from "Always Ask' to 'Saved'
- enter an arbitrary value for the password ; then Apply
- attempt a connection to the VPN, it will fail
- go back into Network Manager, clear the password, and change "Saved" back to "Always Ask"; the Apply
- attempt a connection to the VPN. Now it works.

In which version of knetworkmanager was this fixed? I am using 0.9 on kde 4.3.2 (kubuntu 9.10).

I have configure a VPN connection using confirmed settings from an ubuntu installation.

Prior to applying the patch listed in bug #330056 for the dispatcher, my experience was as follows:

** Select VPN connection in knetworkmanager context menu.
** It shows "Activating..." and then back to nothing. (Sometimes I had to double-click it to make that happen.)
** Attempt to ping a known host on the other network: fail.

After applying the patch for the dispatcher, my experience was as follows:

** Select VPN connection in knetworkmanager context menu.
** It shows "Activating..." and stays there.
** Attempt to ping a known host on the other network: success.
** Attempt other traffic such as VNC: success.
** Select VPN connection in knetworkmanager to attempt to disconnect: nothing happens
** Run a ping to the known host while attempting to disconnect: seems to drop the connection and then re-establish.
** Run 'sudo killall vpnc' to stop the vpn connection: success (knetworkmanager shows the vpn is disconnected at this point)

Perhaps I have something messed up. or I need to update, or perhaps this is a different issue entirely. Any help is greatly appreciated. Thanks.

This is also not working for me in Karmic with the 4.4.1 Software Compilation. My experience is the same as the unpatched experience listed in the previous comment and /var/log/daemon.log gives the same output as post # 3.

Annoying because I'd rather use network manager than KVPNC.

Oh, ignore my last comment I suppose. It looks like the fix was released upstream in knetworkmanager and is not released in Karmic or Lucid in either knetworkmanager or plasma-widget-networkmanagement.

how can I get the fixed version of the network-manager (what you talked about) for KDE?

A fixed version is in Kubuntu 10.04. I believe a backport of the package is available in the KDE 4.4. repo.

Naah it's not fixed in Lucid either.

Here is a connections to a Cisco VPN with the Always Ask selected for the the user password:
Apr 18 19:18:58 vostro1 NetworkManager: <info> Starting VPN service 'org.freedesktop.NetworkManager.vpnc'...
Apr 18 19:18:58 vostro1 NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.vpnc' started (org.freedesktop.NetworkManager.vpnc), PID 4947
Apr 18 19:18:58 vostro1 NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.vpnc' just appeared, activating connections
Apr 18 19:18:58 vostro1 NetworkManager: <info> VPN plugin state changed: 1
Apr 18 19:18:58 vostro1 NetworkManager: <info> VPN plugin state changed: 3
Apr 18 19:18:58 vostro1 NetworkManager: <info> VPN connection 'IPIT' (Connect) reply received.
Apr 18 19:18:58 vostro1 NetworkManager: <info> VPN plugin failed: 1
Apr 18 19:18:58 vostro1 NetworkManager: <info> VPN plugin state changed: 6
Apr 18 19:18:58 vostro1 NetworkManager: <info> VPN plugin state change reason: 0
Apr 18 19:18:58 vostro1 NetworkManager: <WARN> connection_state_changed(): Could not process the request because no VPN connection was active.
Apr 18 19:18:58 vostro1 NetworkManager: <info> Policy set 'Auto eth0' (eth0) as default for routing and DNS.
Apr 18 19:19:11 vostro1 NetworkManager: <debug> [1271611151.002097] ensure_killed(): waiting for vpn service pid 4947 to exit
Apr 18 19:19:11 vostro1 NetworkManager: <debug> [1271611151.002299] ensure_killed(): vpn service pid 4947 cleaned up
Apr 18 19:19:42 vostro1 NetworkManager: <info> Starting VPN service 'org.freedesktop.NetworkManager.vpnc'...
Apr 18 19:19:42 vostro1 NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.vpnc' started (org.freedesktop.NetworkManager.vpnc), PID 5006

And one with the onetime password entered and Store selected:
Apr 18 19:20:54 vostro1 NetworkManager: <info> Starting VPN service 'org.freedesktop.NetworkManager.vpnc'...
Apr 18 19:20:54 vostro1 NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.vpnc' started (org.freedesktop.NetworkManager.vpnc), PID 5018
Apr 18 19:20:54 vostro1 NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.vpnc' just appeared, activating connections
Apr 18 19:20:54 vostro1 NetworkManager: <info> VPN plugin state changed: 3
Apr 18 19:20:54 vostro1 NetworkManager: <info> VPN connection 'IPIT' (Connect) reply received.
Apr 18 19:20:54 vostro1 NetworkManager: SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/tun0, iface: tun0)
Apr 18 19:20:54 vostro1 NetworkManager: SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/tun0, iface: tun0): no ifupdown configuration found.
Apr 18 19:20:57 vostro1 NetworkManager: <info> VPN connection 'IPIT' (IP Config Get) reply received.
Apr 18 19:20:57 vostro1 NetworkManager: <info> VPN Gateway: XXX.XXX.XXX.XXX
Apr 18 19:20:57 vostro1 NetworkManager: <info> Tunnel Device: tun0
Apr 18 19:20:57 vostro1 NetworkManager: <info> Internal IP4 Address: XXX.XXX.XXX.XXX
Apr 18 19:20:57 vostro1 NetworkManager: <info> Internal IP4 Prefix: 24
Apr 18 19:20:57 vostro1 NetworkManager: <info> Internal IP4 Point-to-Poin...

Your issue seems to be a problem with NetworkManager itself: bug 294394

Hmm Jonathan, not sure what you are saying, since once I have stored my one time password in the network-manager I can connect (once obviously). But when connecting with the Always Ask, "nothing happens" in the gui, and the log entries are produced. The routing as 294394 is about, works OK once connected.