Ask Your Question
1

VPN connection lost

asked 2015-09-27 17:59:57 -0600

jesse gravatar image

updated 2015-10-11 14:16:55 -0600

I'am using F22 with build-in nm-openconnect plugin to NetworkManager. I can define and connect to VPN using user and pass but when i try to get any resource ie: http resource in VPN, the connection is reset. Same problem is when I try to connect using command line openconnect command, but if i execute openconnect command as sudo - everything is fine. Should i configure network manager to ask me for sudo password (how ?) I'm using user from "wheel" group.

edit: $ getenforce result is Enforcing

edit2: Finally some logs from jurnalctl:

paź 11 20:51:45 PC-MISIEK NetworkManager[686]: <info>  Starting VPN service 'openconnect'...
paź 11 20:51:45 PC-MISIEK NetworkManager[686]: <info>  VPN service 'openconnect' started (org.freedesktop.NetworkManager.openconnect), PID 1781
paź 11 20:51:45 PC-MISIEK NetworkManager[686]: <info>  VPN service 'openconnect' appeared; activating connections
paź 11 20:51:45 PC-MISIEK gnome-session[1509]: (gnome-shell:1777): GLib-CRITICAL **: g_source_remove: assertion 'tag > 0' failed
paź 11 20:51:52 PC-MISIEK gnome-session[1509]: (gnome-shell:1777): GLib-CRITICAL **: g_source_remove: assertion 'tag > 0' failed
paź 11 20:51:52 PC-MISIEK NetworkManager[686]: <info>  VPN connection 'XXXXX' (ConnectInteractive) reply received.
paź 11 20:51:52 PC-MISIEK NetworkManager[686]: ** (nm-openconnect-service:1781): WARNING **: property 'cookie-flags' unknown
paź 11 20:51:52 PC-MISIEK NetworkManager[686]: ** (nm-openconnect-service:1781): WARNING **: property 'certsigs-flags' unknown
paź 11 20:51:52 PC-MISIEK NetworkManager[686]: ** (nm-openconnect-service:1781): WARNING **: property 'lasthost-flags' unknown
paź 11 20:51:52 PC-MISIEK NetworkManager[686]: ** (nm-openconnect-service:1781): WARNING **: property 'autoconnect-flags' unknown
paź 11 20:51:52 PC-MISIEK NetworkManager[686]: ** (nm-openconnect-service:1781): WARNING **: property 'gateway-flags' unknown
paź 11 20:51:52 PC-MISIEK NetworkManager[686]: ** (nm-openconnect-service:1781): WARNING **: property 'gwcert-flags' unknown
paź 11 20:51:52 PC-MISIEK NetworkManager[686]: ** (nm-openconnect-service:1781): WARNING **: property 'xmlconfig-flags' unknown
paź 11 20:51:52 PC-MISIEK NetworkManager[686]: ** (nm-openconnect-service:1781): WARNING **: property 'lasthost' unknown
paź 11 20:51:52 PC-MISIEK NetworkManager[686]: ** (nm-openconnect-service:1781): WARNING **: property 'certificate:XXX.XXX.XXX:XXX' unknown
paź 11 20:51:52 PC-MISIEK NetworkManager[686]: <info>  VPN plugin state changed: starting (3)
paź 11 20:51:52 PC-MISIEK NetworkManager[686]: <info>  (vpn0): new Tun device (carrier: OFF, driver: 'tun', ifindex: 10)
paź 11 20:51:52 PC-MISIEK NetworkManager[686]: ** (nm-openconnect-service:1781): WARNING **: Created tundev vpn0
paź 11 20:51:52 PC-MISIEK NetworkManager[686]: ** Message: openconnect started with pid 1804
paź 11 20:51:52 PC-MISIEK NetworkManager[686]: <info>  VPN connection 'XXXXX' (Connect) reply received.
paź 11 20:51:52 PC-MISIEK openconnect[1804]: Attempting to connect to server XXX.XXX.XXX.XXX:XXX
paź 11 20:51:52 PC-MISIEK openconnect[1804]: SSL negotiation with XXX.XXX.XXX.XXX
paź 11 20:51:52 PC-MISIEK openconnect[1804]: Server certificate verify failed: signer not found
paź 11 20:51:53 PC-MISIEK openconnect[1804]: Connected to HTTPS on XXX.XXX.XXX.XXX
paź 11 20:51:53 PC-MISIEK openconnect[1804]: Got CONNECT response: HTTP/1.1 200 OK
paź 11 20:51:53 PC-MISIEK openconnect[1804]: CSTP connected. DPD 300, Keepalive 30
paź 11 20:51:53 PC-MISIEK openconnect[1804]: SIOCSIFMTU: Operacja niedozwolona
paź 11 ...
(more)
edit retag flag offensive close merge delete

Comments

Sometimes connections can fail due to SELinux policies, what's the result of '# getenforce'?

msx gravatar imagemsx ( 2015-09-29 11:19:13 -0600 )edit

And sometimes connections fail because the cert files are not placed in ~/.cert.

florian gravatar imageflorian ( 2015-10-03 18:16:33 -0600 )edit

1 Answer

Sort by » oldest newest most voted
0

answered 2015-10-12 16:27:07 -0600

jesse gravatar image

Okey, Fresh updates installed and it works.

edit flag offensive delete link more

Question Tools

Stats

Asked: 2015-09-27 17:59:57 -0600

Seen: 360 times

Last updated: Oct 12 '15