#524989 network-manager-openvpn is unable to connect to an openvpn server because of an openvpn bug

Package:
network-manager-openvpn
Source:
network-manager-openvpn
Description:
network management framework (OpenVPN plugin core)
Submitter:
Mathieu Goessens
Date:
2014-11-25 05:06:05 UTC
Severity:
important
#524989#5
Date:
2009-04-21 10:43:16 UTC
From:
To:
Hi,

Because of the bug #524979 , network-manager may be unable to connect to
an openvpn server.


You should see this line in logs:
NetworkManager: <info>  VPN connection 'VPN 1' (IP Config Get) timeout
exceeded.
(despite openvpn establish the connection)


Workaround (dirty) :

earth% LANG=C; sudo dpkg-divert
/usr/lib/NetworkManager/nm-openvpn-service-openvpn-helper
Adding `local diversion of
/usr/lib/NetworkManager/nm-openvpn-service-openvpn-helper to
/usr/lib/NetworkManager/nm-openvpn-service-openvpn-helper.distrib'
earth% sudo cat <<EOF >>
/usr/lib/NetworkManager/nm-openvpn-service-openvpn-helper
#!/bin/sh
export trusted_ip=your.server.ip.address
/usr/lib/NetworkManager/nm-openvpn-service-openvpn-helper.distrib $@
exit 0;
EOF
earth% sudo chmod 755
/usr/lib/NetworkManager/nm-openvpn-service-openvpn-helper

If you are using many hosts you can use:

if [ ifconfig_remote='192.168.10.1 ]; then
   export trusted_ip=your.server.ip.address
fi;

if [ ifconfig_remote='10.23.0.1 ]; then
   export trusted_ip=your.2nd_server.ip.address
fi;

etc...



If you want to see what vars you can access, you can put:
set > /tmp/nm-debug
in the script

Note that the testing version was also unable to connect but i upgraded
to sid version
before finding the workaround. It May work, but use at your own risk :)
(directory is different, something like /usr/lib/network-manager-openvpn)

Regards,
Mathieu

#524989#10
Date:
2014-11-25 05:03:29 UTC
From:
To:
I don't know if the bug still exists, but I can see that bug #524979 was fixed in July 2009:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524979#10

I wonder if the OP thinks that this bug should be closed...