Ubuntu
network-manager package

openvpn in network manager app doesn't import/connect

Bug #1552869 reported by Christian Bongiorno
14
This bug affects 3 people
Affects Status Importance Assigned to Milestone
network-manager (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

Following the copious examples, I am trying to setup an openvpn client on 16.04 and when I try to import the client.ovpn file I get the same gateway name entered a bunch of times and none of the cert information filled out using the network management applet.

When I fill out the details manually it just tries really hard and eventually fails (where can I find logs?)

When I try to connect from the shell, everything seems to go fine but no traffic goes through the tunnel even though a tun0 adapter exists.

To reproduce (this assumes openvpn support is already installed):

1) export client.ovpn from an existing OpenVPN server
2) Open the network manager applet (top right of the gnome UI).
3) Add a VPN connection
4) Import (last choice at the bottom)
5) Select the ovpn file from step 1
6) Dialog is completely misconfigured. No certs are imported and the host for the VPN is comma repeated several times

There doesn't seem to be any problem with the server based on the below output (for testing)

root@christian:~# openvpn --client --config client.ovpn
Tue Mar 1 11:19:11 2016 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Apr 13 2015
Enter Auth Username: *********
Enter Auth Password: *********
Tue Mar 1 11:19:16 2016 Control Channel Authentication: tls-auth using INLINE static key file
Tue Mar 1 11:19:16 2016 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Mar 1 11:19:16 2016 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Mar 1 11:19:16 2016 Socket Buffers: R=[212992->200000] S=[212992->200000]
Tue Mar 1 11:19:16 2016 UDPv4 link local: [undef]
Tue Mar 1 11:19:16 2016 UDPv4 link remote: [AF_INET]52.25.249.104:1194
Tue Mar 1 11:19:16 2016 TLS: Initial packet from [AF_INET]52.25.249.104:1194, sid=140c4d57 ee7ea275
Tue Mar 1 11:19:16 2016 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue Mar 1 11:19:18 2016 VERIFY OK: depth=1, CN=OpenVPN CA
Tue Mar 1 11:19:18 2016 VERIFY OK: nsCertType=SERVER
Tue Mar 1 11:19:18 2016 VERIFY OK: depth=0, CN=OpenVPN Server
Tue Mar 1 11:19:19 2016 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Mar 1 11:19:19 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Mar 1 11:19:19 2016 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Mar 1 11:19:19 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Mar 1 11:19:19 2016 Control Channel: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
Tue Mar 1 11:19:19 2016 [OpenVPN Server] Peer Connection Initiated with [AF_INET]52.25.249.104:1194
Tue Mar 1 11:19:21 2016 SENT CONTROL [OpenVPN Server]: 'PUSH_REQUEST' (status=1)
Tue Mar 1 11:19:21 2016 PUSH: Received control message: 'PUSH_REPLY,explicit-exit-notify,topology subnet,route-delay 5 30,dhcp-pre-release,dhcp-renew,dhcp-release,route-metric 101,ping 12,ping-restart 50,auth-token SESS_ID,comp-lzo yes,redirect-private def1,redirect-private bypass-dhcp,redirect-private autolocal,route-gateway 172.27.248.1,route 172.27.224.0 255.255.240.0,route 10.0.0.0 255.254.0.0,dhcp-option DNS 10.0.0.2,register-dns,block-ipv6,ifconfig 172.27.248.54 255.255.248.0'
Tue Mar 1 11:19:21 2016 Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:4: dhcp-pre-release (2.3.2)
Tue Mar 1 11:19:21 2016 Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:5: dhcp-renew (2.3.2)
Tue Mar 1 11:19:21 2016 Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:6: dhcp-release (2.3.2)
Tue Mar 1 11:19:21 2016 Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:19: register-dns (2.3.2)
Tue Mar 1 11:19:21 2016 Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:20: block-ipv6 (2.3.2)
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: timers and/or timeouts modified
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: explicit notify parm(s) modified
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: LZO parms modified
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: --ifconfig/up options modified
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: route options modified
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: route-related options modified
Tue Mar 1 11:19:21 2016 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Tue Mar 1 11:19:21 2016 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=wlan0 HWADDR=10:02:b5:82:e5:d8
Tue Mar 1 11:19:21 2016 TUN/TAP device tun0 opened
Tue Mar 1 11:19:21 2016 TUN/TAP TX queue length set to 100
Tue Mar 1 11:19:21 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Tue Mar 1 11:19:21 2016 /sbin/ip link set dev tun0 up mtu 1500
Tue Mar 1 11:19:21 2016 /sbin/ip addr add dev tun0 172.27.248.54/21 broadcast 172.27.255.255
Tue Mar 1 11:19:27 2016 ROUTE remote_host is NOT LOCAL
Tue Mar 1 11:19:27 2016 /sbin/ip route add 52.25.249.104/32 via 192.168.1.1
Tue Mar 1 11:19:27 2016 /sbin/ip route add 172.27.224.0/20 via 172.27.248.1 metric 101
Tue Mar 1 11:19:27 2016 /sbin/ip route add 10.0.0.0/15 via 172.27.248.1 metric 101
Tue Mar 1 11:19:27 2016 Initialization Sequence Completed

root@christian:~# ifconfig tun0
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:172.27.248.54 P-t-P:172.27.248.54 Mask:255.255.248.0
          UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

root@christian:~#

See original description
Tags: bot-comment
Christian Bongiorno (cbongiorno)
description: updated
description: updated
Revision history for this message
Ubuntu Foundations Team Bug Bot (crichton) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better. It seems that your bug report is not filed about a specific source package though, rather it is just filed against Ubuntu in general. It is important that bug reports be filed about source packages so that people interested in the package can find the bugs about it. You can find some hints about determining what package your bug might be about at https://wiki.ubuntu.com/Bugs/FindRightPackage. You might also ask for help in the #ubuntu-bugs irc channel on Freenode.

To change the source package that this bug is filed about visit https://bugs.launchpad.net/ubuntu/+bug/1552869/+editstatus and add the package name in the text box next to the word Package.

[This is an automated message. I apologize if it reached you inappropriately; please just reply to this message indicating so.]

tags: added: bot-comment
Brian Murray (brian-murray)
affects: ubuntu → network-manager (Ubuntu)
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in network-manager (Ubuntu):
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Related questions

Remote bug watches

Bug watches keep track of this bug in other bug trackers.