Mageia forum

[isadora]

hi, excuse me for the question but i can't able to use openvpn connection with mageia.

Premis: on mswindows work fine.

i have certificate ca.crt | enrico.crt | enrico.key | ta.key
that i have configured in the interface, like getway i have put the ip server to connect

but i have the following log :

Code: Select all

systemctl status openvpn@netformedia
● openvpn@netformedia.service - OpenVPN Robust And Highly Flexible Tunneling Application (Config: netformedia)
     Loaded: loaded (/usr/lib/systemd/system/openvpn@.service; disabled; vendor preset: disabled)
     Active: failed (Result: exit-code) since Wed 2022-02-02 18:03:07 CET; 7min ago
    Process: 15974 ExecStart=/usr/sbin/openvpn --daemon --writepid /run/openvpn/netformedia.pid --cd /etc/openvpn/ --config netformed>
        CPU: 8ms

feb 02 18:03:07 localhost systemd[1]: Starting OpenVPN Robust And Highly Flexible Tunneling Application (Config: netformedia)...
feb 02 18:03:07 localhost openvpn[15974]: Options error: In [CMD-LINE]:1: Error opening configuration file: netformedia.conf
feb 02 18:03:07 localhost openvpn[15974]: Use --help for more information.
feb 02 18:03:07 localhost systemd[1]: openvpn@netformedia.service: Control process exited, code=exited, status=1/FAILURE
feb 02 18:03:07 localhost systemd[1]: openvpn@netformedia.service: Failed with result 'exit-code'.
feb 02 18:03:07 localhost systemd[1]: Failed to start OpenVPN Robust And Highly Flexible Tunneling Application (Config: netformedia).


i don't know where find other log for investigate for the error.
however i can't connect in vpn . the ping to the server give on the first line a negotiations , following " Destination Port Unreachable"

on net_applet i have also tap0 connection, when i click to connect it disappear

have you some tips for me?

Enrico

[bitit]

configurations

[doktor5000]

Can you please post the output of

Code: Select all

ls -al /etc/sysconfig/network-scripts/vpn.d/openvpn

[bitit]

Code: Select all

[root@localhost ~]# ls -al /etc/sysconfig/network-scripts/vpn.d/openvpn
totale 12
drwxr-xr-x 2 root root 4096 feb  2 18:43 ./
drwxr-xr-x 5 root root 4096 nov  2 12:18 ../
-rw-r-xr-x 1 root root 3743 feb  2 18:43 netformedia.conf*


Enrico

[bitit]

do you want configuration file?

Enrico

[doktor5000]

No, because the problem is that it doesn't seem to find the configuration file, per the error message in your first post.
I'd suggest to check some older threads regarding openvpn, because that has already been asked several times.
Quite some people did switch to networkmanager and configured their openvpn connection that way successfully.

[sturmvogel]

If you need help for switching to networkmanager:
https://wiki.mageia.org/en/Switching_to_networkmanager

[bitit]

ok, i have done but can't connect.

i have try to creating a vpn connection importing existent configuration file and a new connection copy the configuration result form importing existent configuration file

in the second case try with networkmanager gui :

Code: Select all

e
feb 03 11:16:27 localhost nm-openvpn[6353]: library versions: OpenSSL 1.1.1m  14 Dec 2021, LZO 2.10
feb 03 11:16:27 localhost nm-openvpn[6353]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.>
feb 03 11:16:27 localhost nm-openvpn[6353]: NOTE: the current --script-security setting may allow this configuration to call user-def>
feb 03 11:16:27 localhost nm-openvpn[6353]: TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xxx.xxx:1194
feb 03 11:16:27 localhost nm-openvpn[6353]: UDP link local: (not bound)
feb 03 11:16:27 localhost nm-openvpn[6353]: UDP link remote: [AF_INET]xxx.xxx.xxx.xxx:1194
feb 03 11:16:27 localhost nm-openvpn[6353]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
feb 03 11:16:27 localhost nm-openvpn[6353]: [server.nfm] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.xxx:1194
feb 03 11:16:28 localhost nm-openvpn[6353]: TUN/TAP device tap0 opened
feb 03 11:16:28 localhost nm-openvpn[6353]: /usr/libexec/nm-openvpn-service-openvpn-helper --debug 0 6349 --bus-name org.freedesktop.>
feb 03 11:16:28 localhost NetworkManager[951]: <info>  [1643883388.7166] manager: (tap0): new Tun device (/org/freedesktop/NetworkMan>
feb 03 11:16:28 localhost systemd-udevd[6354]: Using default interface naming scheme 'v245'.
feb 03 11:16:28 localhost systemd-udevd[6354]: ethtool: autonegotiation is unset or enabled, the speed and duplex are not writable.
feb 03 11:16:28 localhost systemd-udevd[6354]: tap0: Process 'net_create_ifcfg' failed with exit code 1.
feb 03 11:16:28 localhost NetworkManager[951]: <warn>  [1643883388.7345] vpn-connection[0xcde730,57c0dbcf-9b04-4646-a4f5-f5208f848985>
feb 03 11:16:28 localhost NetworkManager[951]: <warn>  [1643883388.7348] vpn-connection[0xcde730,57c0dbcf-9b04-4646-a4f5-f5208f848985>
feb 03 11:16:28 localhost NetworkManager[951]: <info>  [1643883388.7351] vpn-connection[0xcde730,57c0dbcf-9b04-4646-a4f5-f5208f848985>
feb 03 11:16:28 localhost NetworkManager[951]: <info>  [1643883388.7361] vpn-connection[0xcde730,57c0dbcf-9b04-4646-a4f5-f5208f848985>
feb 03 11:16:28 localhost nm-openvpn[6353]: WARNING: Failed running command (--up/--down): external program exited with error status:>
feb 03 11:16:28 localhost nm-openvpn[6353]: Exiting due to fatal error
feb 03 11:16:28 localhost kded5[1606]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/free>
feb 03 11:16:28 localhost choqok[2069]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/fre>
feb 03 11:16:28 localhost NetworkManager[951]: <info>  [1643883388.7630] vpn-connection[0xcde730,57c0dbcf-9b04-4646-a4f5-f5208f848985>
feb 03 11:16:28 localhost kdeconnectd[1682]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /or>
feb 03 11:16:28 localhost akonadi_notes_agent[1852]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel perc>
feb 03 11:16:28 localhost akonadi_followupreminder_agent[1833]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'ogget>
feb 03 11:16:28 localhost akonadi_maildispatcher_agent[1841]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto>
feb 03 11:16:28 localhost akonadi_sendlater_agent[1853]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel >
feb 03 11:16:28 localhost plasmashell[1670]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /or>
feb 03 11:16:28 localhost choqok[2069]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/fre>
feb 03 11:16:28 localhost akonadi_followupreminder_agent[1833]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'ogget>
feb 03 11:16:28 localhost akonadi_maildispatcher_agent[1841]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto>
feb 03 11:16:28 localhost kded5[1606]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/free>
feb 03 11:16:28 localhost kdeconnectd[1682]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /or>
feb 03 11:16:28 localhost akonadi_notes_agent[1852]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel perc>
feb 03 11:16:28 localhost plasmashell[1670]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /or>
feb 03 11:16:28 localhost akonadi_sendlater_agent[1853]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel >
...skipping...
feb 03 11:16:27 localhost nm-openvpn[6353]: library versions: OpenSSL 1.1.1m  14 Dec 2021, LZO 2.10
feb 03 11:16:27 localhost nm-openvpn[6353]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
feb 03 11:16:27 localhost nm-openvpn[6353]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
feb 03 11:16:27 localhost nm-openvpn[6353]: TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xxx.xxx:1194
feb 03 11:16:27 localhost nm-openvpn[6353]: UDP link local: (not bound)
feb 03 11:16:27 localhost nm-openvpn[6353]: UDP link remote: [AF_INET]xxx.xxx.xxx.xxx:1194
feb 03 11:16:27 localhost nm-openvpn[6353]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
feb 03 11:16:27 localhost nm-openvpn[6353]: [server.nfm] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.xxx:1194
feb 03 11:16:28 localhost nm-openvpn[6353]: TUN/TAP device tap0 opened
feb 03 11:16:28 localhost nm-openvpn[6353]: /usr/libexec/nm-openvpn-service-openvpn-helper --debug 0 6349 --bus-name org.freedesktop.NetworkManager.openvpn.Connection_2>
feb 03 11:16:28 localhost NetworkManager[951]: <info>  [1643883388.7166] manager: (tap0): new Tun device (/org/freedesktop/NetworkManager/Devices/19)
feb 03 11:16:28 localhost systemd-udevd[6354]: Using default interface naming scheme 'v245'.
feb 03 11:16:28 localhost systemd-udevd[6354]: ethtool: autonegotiation is unset or enabled, the speed and duplex are not writable.
feb 03 11:16:28 localhost systemd-udevd[6354]: tap0: Process 'net_create_ifcfg' failed with exit code 1.
feb 03 11:16:28 localhost NetworkManager[951]: <warn>  [1643883388.7345] vpn-connection[0xcde730,57c0dbcf-9b04-4646-a4f5-f5208f848985,"netformedia2",0]: VPN plugin: fai>
feb 03 11:16:28 localhost NetworkManager[951]: <warn>  [1643883388.7348] vpn-connection[0xcde730,57c0dbcf-9b04-4646-a4f5-f5208f848985,"netformedia2",0]: VPN plugin: fai>
feb 03 11:16:28 localhost NetworkManager[951]: <info>  [1643883388.7351] vpn-connection[0xcde730,57c0dbcf-9b04-4646-a4f5-f5208f848985,"netformedia2",0]: VPN plugin: sta>
feb 03 11:16:28 localhost NetworkManager[951]: <info>  [1643883388.7361] vpn-connection[0xcde730,57c0dbcf-9b04-4646-a4f5-f5208f848985,"netformedia2",0]: VPN plugin: sta>
feb 03 11:16:28 localhost nm-openvpn[6353]: WARNING: Failed running command (--up/--down): external program exited with error status: 1
feb 03 11:16:28 localhost nm-openvpn[6353]: Exiting due to fatal error
feb 03 11:16:28 localhost kded5[1606]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/freedesktop/NetworkManager/ActiveConnec>
feb 03 11:16:28 localhost choqok[2069]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/freedesktop/NetworkManager/ActiveConne>
feb 03 11:16:28 localhost NetworkManager[951]: <info>  [1643883388.7630] vpn-connection[0xcde730,57c0dbcf-9b04-4646-a4f5-f5208f848985,"netformedia2",0]: VPN service dis>
feb 03 11:16:28 localhost kdeconnectd[1682]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/freedesktop/NetworkManager/Active>
feb 03 11:16:28 localhost akonadi_notes_agent[1852]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/freedesktop/NetworkManage>
feb 03 11:16:28 localhost akonadi_followupreminder_agent[1833]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/freedesktop/Ne>
feb 03 11:16:28 localhost akonadi_maildispatcher_agent[1841]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/freedesktop/Netw>
feb 03 11:16:28 localhost akonadi_sendlater_agent[1853]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/freedesktop/NetworkMa>
feb 03 11:16:28 localhost plasmashell[1670]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/freedesktop/NetworkManager/Active>
feb 03 11:16:28 localhost choqok[2069]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/freedesktop/NetworkManager/ActiveConne>
feb 03 11:16:28 localhost akonadi_followupreminder_agent[1833]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/freedesktop/Ne>
feb 03 11:16:28 localhost akonadi_maildispatcher_agent[1841]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/freedesktop/Netw>
feb 03 11:16:28 localhost kded5[1606]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/freedesktop/NetworkManager/ActiveConnec>
feb 03 11:16:28 localhost kdeconnectd[1682]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/freedesktop/NetworkManager/Active>
feb 03 11:16:28 localhost akonadi_notes_agent[1852]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/freedesktop/NetworkManage>
feb 03 11:16:28 localhost plasmashell[1670]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/freedesktop/NetworkManager/Active>
feb 03 11:16:28 localhost akonadi_sendlater_agent[1853]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/freedesktop/NetworkMa>
lines 1239-1275/1275 (END)


[bitit]

from shell

Code: Select all

ystemctl start openvpn@netformedia2
Job for openvpn@netformedia2.service failed because the control process exited with error code.
See "systemctl status openvpn@netformedia2.service" and "journalctl -xe" for details.
[root@localhost openvpn]# systemctl status openvpn@netformedia2
● openvpn@netformedia2.service - OpenVPN Robust And Highly Flexible Tunneling Application (Config: netformedia2)
     Loaded: loaded (/usr/lib/systemd/system/openvpn@.service; disabled; vendor preset: disabled)
     Active: failed (Result: exit-code) since Thu 2022-02-03 11:20:09 CET; 13s ago
    Process: 6414 ExecStart=/usr/sbin/openvpn --daemon --writepid /run/openvpn/netformedia2.pid --cd /etc/openvpn/ --config netformedia2.conf (code=exited, status=1/FAI>
        CPU: 10ms

feb 03 11:20:09 localhost systemd[1]: Starting OpenVPN Robust And Highly Flexible Tunneling Application (Config: netformedia2)...
feb 03 11:20:09 localhost openvpn[6414]: Options error: In [CMD-LINE]:1: Error opening configuration file: netformedia2.conf
feb 03 11:20:09 localhost openvpn[6414]: Use --help for more information.
feb 03 11:20:09 localhost systemd[1]: openvpn@netformedia2.service: Control process exited, code=exited, status=1/FAILURE
feb 03 11:20:09 localhost systemd[1]: openvpn@netformedia2.service: Failed with result 'exit-code'.
feb 03 11:20:09 localhost systemd[1]: Failed to start OpenVPN Robust And Highly Flexible Tunneling Application (Config: netformedia2).


so i have copy /etc/sysconfig/network-scripts/vpn.d/openvpn/netdormedia.conf in /etc/openvpn

now i have the following log:

Code: Select all

[root@localhost openvpn]# systemctl start openvpn@netformedia2
[root@localhost openvpn]# systemctl status openvpn@netformedia2
● openvpn@netformedia2.service - OpenVPN Robust And Highly Flexible Tunneling Application (Config: netformedia2)
     Loaded: loaded (/usr/lib/systemd/system/openvpn@.service; disabled; vendor preset: disabled)
     Active: active (running) since Thu 2022-02-03 11:23:30 CET; 4s ago
    Process: 6735 ExecStart=/usr/sbin/openvpn --daemon --writepid /run/openvpn/netformedia2.pid --cd /etc/openvpn/ --config netformedia2.conf (code=exited, status=0/SUC>
   Main PID: 6736 (openvpn)
      Tasks: 1 (limit: 13946)
     Memory: 1.1M
        CPU: 62ms
     CGroup: /system.slice/system-openvpn.slice/openvpn@netformedia2.service
             └─6736 /usr/sbin/openvpn --daemon --writepid /run/openvpn/netformedia2.pid --cd /etc/openvpn/ --config netformedia2.conf

feb 03 11:23:31 localhost openvpn[6736]: OPTIONS IMPORT: route-related options modified
feb 03 11:23:31 localhost openvpn[6736]: OPTIONS IMPORT: peer-id set
feb 03 11:23:31 localhost openvpn[6736]: OPTIONS IMPORT: adjusting link_mtu to 1656
feb 03 11:23:31 localhost openvpn[6736]: OPTIONS IMPORT: data channel crypto options modified
feb 03 11:23:31 localhost openvpn[6736]: Data Channel: using negotiated cipher 'AES-256-GCM'
feb 03 11:23:31 localhost openvpn[6736]: Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
feb 03 11:23:31 localhost openvpn[6736]: Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
feb 03 11:23:31 localhost openvpn[6736]: TUN/TAP device tap0 opened
feb 03 11:23:31 localhost openvpn[6736]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
feb 03 11:23:31 localhost openvpn[6736]: Initialization Sequence Completed


but can't connect

Enrico

[bitit]

well at the moment the only log i can't find is this :

Code: Select all

feb 05 10:42:02 localhost.localdomain nm-openvpn[3801]: TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xxx.xxx:1194
feb 05 10:42:02 localhost.localdomain nm-openvpn[3801]: UDP link local: (not bound)
feb 05 10:42:02 localhost.localdomain nm-openvpn[3801]: UDP link remote: [AF_INET]xxx.xxx.xxx.xxx:1194
feb 05 10:42:02 localhost.localdomain nm-openvpn[3801]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
feb 05 10:42:03 localhost.localdomain nm-openvpn[3801]: [server.nfm] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.xxx:1194
feb 05 10:42:04 localhost.localdomain nm-openvpn[3801]: TUN/TAP device tap0 opened
feb 05 10:42:04 localhost.localdomain nm-openvpn[3801]: /usr/libexec/nm-openvpn-service-openvpn-helper --debug 0 3797 --bus-name org.freedesktop.NetworkManager.openvpn.>
feb 05 10:42:04 localhost.localdomain NetworkManager[964]: <info>  [1644054124.2861] manager: (tap0): new Tun device (/org/freedesktop/NetworkManager/Devices/9)
feb 05 10:42:04 localhost.localdomain systemd-udevd[3803]: Using default interface naming scheme 'v245'.
feb 05 10:42:04 localhost.localdomain systemd-udevd[3803]: ethtool: autonegotiation is unset or enabled, the speed and duplex are not writable.
feb 05 10:42:04 localhost.localdomain systemd-udevd[3803]: tap0: Process 'net_create_ifcfg' failed with exit code 1.
feb 05 10:42:04 localhost.localdomain NetworkManager[964]: <warn>  [1644054124.3079] vpn-connection[0xb68350,57c0dbcf-9b04-4646-a4f5-f5208f848985,"netformedia2",0]: VPN>
feb 05 10:42:04 localhost.localdomain NetworkManager[964]: <warn>  [1644054124.3085] vpn-connection[0xb68350,57c0dbcf-9b04-4646-a4f5-f5208f848985,"netformedia2",0]: VPN>
feb 05 10:42:04 localhost.localdomain NetworkManager[964]: <info>  [1644054124.3096] vpn-connection[0xb68350,57c0dbcf-9b04-4646-a4f5-f5208f848985,"netformedia2",0]: VPN>
feb 05 10:42:04 localhost.localdomain NetworkManager[964]: <info>  [1644054124.3096] vpn-connection[0xb68350,57c0dbcf-9b04-4646-a4f5-f5208f848985,"netformedia2",0]: VPN>
feb 05 10:42:04 localhost.localdomain nm-openvpn[3801]: WARNING: Failed running command (--up/--down): external program exited with error status: 1
feb 05 10:42:04 localhost.localdomain nm-openvpn[3801]: Exiting due to fatal error



maybe the problem is :

Code: Select all

ethtool: autonegotiation is unset or enabled, the speed and duplex are not writable.

??

[bitit]

from root shell seam able to connect, but can't use it from my user connection

Code: Select all

openvpn /etc/openvpn/netformedia2.conf
2022-02-05 11:45:33 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2022-02-05 11:45:33 WARNING: file 'PATH/enrico.key' is group or others accessible
2022-02-05 11:45:33 OpenVPN 2.5.0 x86_64-mageia-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jun  2 2021
2022-02-05 11:45:33 library versions: OpenSSL 1.1.1m  14 Dec 2021, LZO 2.10
2022-02-05 11:45:33 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
2022-02-05 11:45:33 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2022-02-05 11:45:33 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2022-02-05 11:45:33 TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xxx.xxx:1194
2022-02-05 11:45:33 Socket Buffers: R=[212992->212992] S=[212992->212992]
2022-02-05 11:45:33 UDP link local: (not bound)
2022-02-05 11:45:33 UDP link remote: [AF_INET]xxx.xxx.xxx.xxx:1194
2022-02-05 11:45:33 TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:1194, sid=65264b5c bcb5a472
2022-02-05 11:45:33 VERIFY OK: depth=1, C=IT, ST=AR, L=Terrnauova Bracciolini, O=Netformedia, OU=changeme, CN=ca.lorenzo, name=lorenzo CA, emailAddress=info@xxx.it
2022-02-05 11:45:33 VERIFY OK: depth=0, C=IT, ST=AR, L=Terrnauova Bracciolini, O=Netformedia, OU=changeme, CN=server.nfm, name=server, emailAddress=info@xxx.it
2022-02-05 11:45:34 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 4096 bit RSA
2022-02-05 11:45:34 [server.nfm] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.xxx:1194
2022-02-05 11:45:35 SENT CONTROL [server.nfm]: 'PUSH_REQUEST' (status=1)
2022-02-05 11:45:35 PUSH: Received control message: 'PUSH_REPLY,route-gateway dhcp,ping 10,ping-restart 120,peer-id 0,cipher AES-256-GCM'
2022-02-05 11:45:35 OPTIONS IMPORT: timers and/or timeouts modified
2022-02-05 11:45:35 OPTIONS IMPORT: route-related options modified
2022-02-05 11:45:35 OPTIONS IMPORT: peer-id set
2022-02-05 11:45:35 OPTIONS IMPORT: adjusting link_mtu to 1656
2022-02-05 11:45:35 OPTIONS IMPORT: data channel crypto options modified
2022-02-05 11:45:35 Data Channel: using negotiated cipher 'AES-256-GCM'
2022-02-05 11:45:35 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-02-05 11:45:35 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-02-05 11:45:35 TUN/TAP device tap0 opened
2022-02-05 11:45:35 Initialization Sequence Completed



[sturmvogel]

Autonegotiation between two network partners only mean that they negotiate their communication speed and parameters their self. There is many documentation about ethtool and autonegotiation easily available.
You can set the auto (link) negotiation in networkmanger to automatic or issue this command (if your networkcard is capable of auto negotiation):

Code: Select all

sudo ethtool -s eth0 autoneg on

You have to change "eth0" to your networkadapter name.

But thats not the source of your problems.

Did you set in networkmanager/networkcenter that the normal user is allowed to establish all connections? That would fit to your problem that you can start it as root but not as normal user?

normal user.png (80.09 KiB) Viewed 8865 times

[bitit]

Ok i have removed net_app and installed network manager, following the tips posted before ; however, in the configurations of vpn i have give the managing permission at all user and for test at my user specifically .

but it don't work; form shell if i turn i su - seem connect , but when open a browser can't reach the server and from shell, from my user, can't ping the destination address

i have change the user in su -
and post the command

Code: Select all

ethtool -s enp2s0 autoneg on

nothing is happen

and repeat, with ms windows it works.

Enrico

[bitit]

ok, i have worked around a lot and from shell

Code: Select all

systemctl stop openvpn@netformedia2


connect without problem, but cant use in my desktop connection

from networkmanager i have make some steps but

Code: Select all

feb 06 15:10:00 localhost NetworkManager[959]: <info>  [1644156600.2433] manager: (tap0): new Tun device (/org/freedesktop/NetworkManager/Devices/4)
feb 06 15:10:00 localhost systemd-udevd[5384]: Using default interface naming scheme 'v245'.
feb 06 15:10:00 localhost systemd-udevd[5384]: ethtool: autonegotiation is unset or enabled, the speed and duplex are not writable.
feb 06 15:10:00 localhost systemd-udevd[5384]: tap0: Process 'net_create_ifcfg' failed with exit code 1.
feb 06 15:10:01 localhost NetworkManager[959]: <info>  [1644156601.8934] audit: op="statistics" arg="refresh-rate-ms" pid=1672 uid=1000 result="success"
feb 06 15:10:03 localhost plasmashell[1672]: QDBusObjectPath: invalid path ""
feb 06 15:10:03 localhost NetworkManager[959]: <info>  [1644156603.3453] audit: op="connection-activate" uuid="57c0dbcf-9b04-4646-a4f5-f5208f848985" name="netformedia2">
feb 06 15:10:03 localhost NetworkManager[959]: <info>  [1644156603.3576] vpn-connection[0x117e2f0,57c0dbcf-9b04-4646-a4f5-f5208f848985,"netformedia2",0]: Started the VP>
feb 06 15:10:03 localhost NetworkManager[959]: <info>  [1644156603.3685] vpn-connection[0x117e2f0,57c0dbcf-9b04-4646-a4f5-f5208f848985,"netformedia2",0]: Saw the servic>
feb 06 15:10:03 localhost kded5[1617]: plasma-nm: Unhandled VPN connection state change:  2
feb 06 15:10:03 localhost kded5[1617]: plasma-nm: Unhandled VPN connection state change:  3
feb 06 15:10:03 localhost NetworkManager[959]: <info>  [1644156603.3903] vpn-connection[0x117e2f0,57c0dbcf-9b04-4646-a4f5-f5208f848985,"netformedia2",0]: VPN plugin: st>
feb 06 15:10:06 localhost NetworkManager[959]: <info>  [1644156606.3318] audit: op="statistics" arg="refresh-rate-ms" pid=1672 uid=1000 result="success"
feb 06 15:10:06 localhost plasmashell[1672]: file:///usr/lib64/qt5/qml/org/kde/plasma/extras/ExpandableListItem.qml:314: TypeError: Cannot read property 'width' of null
feb 06 15:10:06 localhost plasmashell[1672]: file:///usr/lib64/qt5/qml/org/kde/plasma/extras/ExpandableListItem.qml:314: TypeError: Cannot read property 'width' of null
feb 06 15:11:03 localhost NetworkManager[959]: <warn>  [1644156663.8425] vpn-connection[0x117e2f0,57c0dbcf-9b04-4646-a4f5-f5208f848985,"netformedia2",0]: VPN connection>
feb 06 15:11:03 localhost nm-openvpn-serv[5391]: Connect timer expired, disconnecting.
feb 06 15:11:03 localhost NetworkManager[959]: <warn>  [1644156663.8713] vpn-connection[0x117e2f0,57c0dbcf-9b04-4646-a4f5-f5208f848985,"netformedia2",0]: VPN plugin: fa>
feb 06 15:11:03 localhost NetworkManager[959]: <info>  [1644156663.8716] vpn-connection[0x117e2f0,57c0dbcf-9b04-4646-a4f5-f5208f848985,"netformedia2",0]: VPN plugin: st>
feb 06 15:11:03 localhost NetworkManager[959]: <info>  [1644156663.8723] vpn-connection[0x117e2f0,57c0dbcf-9b04-4646-a4f5-f5208f848985,"netformedia2",0]: VPN plugin: st>
feb 06 15:11:03 localhost akonadi_sendlater_agent[1862]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/freedesktop/NetworkMa>
feb 06 15:11:03 localhost akonadi_notes_agent[1858]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/freedesktop/NetworkManage>
feb 06 15:11:03 localhost akonadi_maildispatcher_agent[1850]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/freedesktop/Netw>
feb 06 15:11:03 localhost kded5[1617]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/freedesktop/NetworkManager/ActiveConnec>
feb 06 15:11:03 localhost akonadi_followupreminder_agent[1844]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/freedesktop/Ne>
feb 06 15:11:03 localhost choqok[2096]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/freedesktop/NetworkManager/ActiveConne>
feb 06 15:11:03 localhost kdeconnectd[1688]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/freedesktop/NetworkManager/Active>
feb 06 15:11:03 localhost plasmashell[1672]: "Interfaccia «org.freedesktop.DBus.Properties» inesistente sull'oggetto nel percorso /org/freedesktop/NetworkManager/Active>
lines 1406-1442/

some ideas?

Enrico

[bitit]

Log server side

Code: Select all

 Authenticate/Decrypt packet error:  packet HMAC authentication failed
TLS Error: incoming packet authentication failed from [AF_INTEG]:ffff:xxx.xxx.xxx.xxx:62291

[sturmvogel]

Many stuff to check:
https://www.google.com/search?q=Authenticate%2FDecrypt+packet+error%3A+packet+HMAC+authentication+failed

[bitit]

can be this?
https://bugs.kde.org/show_bug.cgi?id=444882

where i can find this file for edit it?

[doktor5000]

Well, it could be. Does it work if you connect via nmcli directly ?

The file mentioned there is the source code that was changed, you cannot edit this directly on your system because from that sourcecode a library or binary file will be compiled.

You would need to request that this fix will be added to the mga8 package via a bugreport: https://wiki.mageia.org/en/How_to_report_a_bug_properly