Ubuntu
network-manager-openconnect package

Bug #1969734
Comment #34

Comment 34 for bug 1969734

Revision history for this message

In Red Hat Bugzilla #2094338, boris.zubanov (boris.zubanov-redhat-bugs) wrote on 2022-06-07:

#34

Description of problem:

Using native Gnome network vpn connection applet, attempt to establish vpn connection with PaloAlto gateway via GlogalProtect protocol fails with "invalid IP4 config received: no valid IP address/prefix" error. At same time CLI openconnect client does that flawlessly as well as native PA's GlobalProtect client.

Version-Release number of selected component (if applicable):

How reproducible:

Just try to establish vpn connection.

Steps to Reproduce:
1. Open Gnome Settings applet
2. Go to Network category
3. Add VPN connection with + button
4. Fill in gateway FQDN
5. Click Save
6. Turn on just created vpn connection
7. Enter creds

Actual results:

Gnome's notification "Connection failed" appears, no vpn connection established.

Expected results:

VPN connection's up and running

Additional info:

journalctl part of failure:

Jun 07 15:02:18 [HOSTNAME] NetworkManager[12054]: Configured as 100.64.98.207, with SSL disconnected and ESP established
Jun 07 15:02:18 [HOSTNAME] NetworkManager[12054]: Session authentication will expire at Tue Jun 14 15:02:16 2022
Jun 07 15:02:18 [HOSTNAME] openconnect[12054]: SIOCSIFMTU: Operation not permitted
Jun 07 15:02:19 [HOSTNAME] NetworkManager[1200]: <warn> [1654603339.0172] vpn[0x55cf89824350,664d128e-3224-4fd9-aa24-afe6036c010d,"[VPN]",if:6,dev:4:(vpn0)]: invalid IP4 config received: no valid IP address/prefix
Jun 07 15:02:19 [HOSTNAME] NetworkManager[1200]: <warn> [1654603339.0173] vpn[0x55cf89824350,664d128e-3224-4fd9-aa24-afe6036c010d,"[VPN]",if:6,dev:4:(vpn0)]: did not receive valid IP config information
Jun 07 15:02:19 [HOSTNAME] openconnect[12054]: Failed to spawn script '/usr/libexec/nm-openconnect-service-openconnect-helper' for connect: Interrupted system call
Jun 07 15:02:19 [HOSTNAME] openconnect[12054]: POST https://vpn-by.epam.com/ssl-vpn/logout.esp

Somewhere I've read that it can't digest some routing table entries being applied to the system during vpn connection and it seems to be true because it works to my other gates which have a bit simpler routing. But nevertheless.

Description of problem:

Version-Release number of selected component (if applicable):

How reproducible:

Just try to establish vpn connection.

Actual results:

Gnome's notification "Connection failed" appears, no vpn connection established.

Expected results:

VPN connection's up and running

Additional info:

journalctl part of failure:

Jun 07 15:02:18 [HOSTNAME] NetworkManager[12054]: Configured as 100.64.98.207, with SSL disconnected and ESP established
Jun 07 15:02:18 [HOSTNAME] NetworkManager[12054]: Session authentication will expire at Tue Jun 14 15:02:16 2022
Jun 07 15:02:18 [HOSTNAME] openconnect[12054]: SIOCSIFMTU: Operation not permitted
Jun 07 15:02:19 [HOSTNAME] NetworkManager[1200]: <warn>  [1654603339.0172] vpn[0x55cf89824350,664d128e-3224-4fd9-aa24-afe6036c010d,"[VPN]",if:6,dev:4:(vpn0)]: invalid IP4 config received: no valid IP address/prefix
Jun 07 15:02:19 [HOSTNAME] NetworkManager[1200]: <warn>  [1654603339.0173] vpn[0x55cf89824350,664d128e-3224-4fd9-aa24-afe6036c010d,"[VPN]",if:6,dev:4:(vpn0)]: did not receive valid IP config information
Jun 07 15:02:19 [HOSTNAME] openconnect[12054]: Failed to spawn script '/usr/libexec/nm-openconnect-service-openconnect-helper' for connect: Interrupted system call
Jun 07 15:02:19 [HOSTNAME] openconnect[12054]: POST https://vpn-by.epam.com/ssl-vpn/logout.esp

Ubuntunetwork-manager-openconnect package

Comment 34 for bug 1969734

Ubuntu
network-manager-openconnect package