Topic: OpenVPN GUI for Ubuntu

[peterphi]

Hi there, i come back, i'm using Ubuntu Desktop 8.10 so i want to use openvpn to connect my openvpn server at home (SME 7.0). How can i do and i can use this gopenvpn to connetc. (gopenvpn is a simple graphical front-end for OpenVPN, the open source VPN solution.
It provides a GNOME system tray icon from which OpenVPN connections can be started and stopped).

http://gopenvpn.sourceforge.net/

Thanks a lot

[Daniel B.]

Hi.

Why don't you use the network-manager plugin for openvpn. It's just working great.

Cheers

[peterphi]

Thanks, i installed network-manager plugin for openvpn, when i setup i can not see Authentication for username and password, add file .opvn. I think network-manager plugin for openvpn in ubuntu not compatible with sme server. pls see pictures on website bellow

http://www.strongvpn.com/forum/viewtopic.php?pid=569

Thanks

[Daniel B.]

network-manager-openvpn can work with SME as I use it everyday. Just dont use the provided configuration file, you need to configure a new connection, and re-enter all the parameters through the GUI.

[tec]

Maybe because NM-OpenVPN Plugin is crappy :-/
I have a Dual Wan Setup at home and I cant connect from remote over the second Wan to my SME server, from the command line it works flawless the same goes to the OpenVPn Gui for Windows. Also on NM0.7 the DNS server after OpenVpn disconnect are not refreshed.
Thanks for the link to the gui programm

[peterphi]

network-manager-openvpn can work with SME as I use it everyday. Just dont use the provided configuration file, you need to configure a new connection, and re-enter all the parameters through the GUI.

So you can help me, how to re-enter all paremeters in GUI. I tried but connect was failed.

I connected to sme server but i can not ping sme server and internet. This's my log

Dec 12 21:20:10 ubuntu NetworkManager: <info>  Starting VPN service 'org.freedesktop.NetworkManager.openvpn'...
Dec 12 21:20:10 ubuntu NetworkManager: <info>  VPN service 'org.freedesktop.NetworkManager.openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 9233
Dec 12 21:20:10 ubuntu NetworkManager: <info>  VPN service 'org.freedesktop.NetworkManager.openvpn' just appeared, activating connections
Dec 12 21:20:10 ubuntu NetworkManager: <info>  VPN plugin state changed: 1
Dec 12 21:20:11 ubuntu NetworkManager: <info>  VPN plugin state changed: 3
Dec 12 21:20:11 ubuntu NetworkManager: <info>  VPN connection 'VPN connection 1' (Connect) reply received.
Dec 12 21:20:11 ubuntu nm-openvpn[9238]: OpenVPN 2.1_rc11 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Oct 15 2008
Dec 12 21:20:11 ubuntu nm-openvpn[9238]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Dec 12 21:20:11 ubuntu nm-openvpn[9238]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 12 21:20:11 ubuntu nm-openvpn[9238]: WARNING: file '/media/windows/Softs/Config/client.key' is group or others accessible
Dec 12 21:20:11 ubuntu nm-openvpn[9238]: /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Dec 12 21:20:11 ubuntu nm-openvpn[9238]: LZO compression initialized
Dec 12 21:20:11 ubuntu nm-openvpn[9238]: Attempting to establish TCP connection with 203.210.211.20:1194 [nonblock]
Dec 12 21:20:21 ubuntu nm-openvpn[9238]: TCP: connect to 203.210.211.20:1194 failed, will try again in 5 seconds: Connection timed out
Dec 12 21:20:36 ubuntu nm-openvpn[9238]: TCP: connect to 203.210.211.20:1194 failed, will try again in 5 seconds: Connection timed out
Dec 12 21:20:51 ubuntu NetworkManager: <info>  VPN connection 'VPN connection 1' (IP Config Get) timeout exceeded.
Dec 12 21:20:51 ubuntu nm-openvpn[9238]: SIGTERM[hard,init_instance] received, process exiting
Dec 12 21:20:51 ubuntu NetworkManager: <info>  Policy set 'Auto WIFI-BOKE' (eth1) as default for routing and DNS.
Dec 12 21:21:03 ubuntu NetworkManager: <debug> [1229091663.250848] ensure_killed(): waiting for vpn service pid 9233 to exit
Dec 12 21:21:03 ubuntu NetworkManager: <debug> [1229091663.251316] ensure_killed(): vpn service pid 9233 cleaned up
Dec 12 21:39:17 ubuntu NetworkManager: <info>  Starting VPN service 'org.freedesktop.NetworkManager.openvpn'...
Dec 12 21:39:17 ubuntu NetworkManager: <info>  VPN service 'org.freedesktop.NetworkManager.openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 10155
Dec 12 21:39:17 ubuntu NetworkManager: <info>  VPN service 'org.freedesktop.NetworkManager.openvpn' just appeared, activating connections
Dec 12 21:39:17 ubuntu nm-openvpn[10160]: OpenVPN 2.1_rc11 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Oct 15 2008
Dec 12 21:39:17 ubuntu NetworkManager: <info>  VPN plugin state changed: 3
Dec 12 21:39:17 ubuntu NetworkManager: <info>  VPN connection 'VPN connection 1' (Connect) reply received.
Dec 12 21:39:18 ubuntu nm-openvpn[10160]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Dec 12 21:39:18 ubuntu nm-openvpn[10160]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 12 21:39:18 ubuntu nm-openvpn[10160]: WARNING: file '/media/windows/Softs/Config/client.key' is group or others accessible
Dec 12 21:39:18 ubuntu nm-openvpn[10160]: /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Dec 12 21:39:18 ubuntu nm-openvpn[10160]: LZO compression initialized
Dec 12 21:39:18 ubuntu nm-openvpn[10160]: Attempting to establish TCP connection with 203.210.211.20:1194 [nonblock]
Dec 12 21:39:28 ubuntu nm-openvpn[10160]: TCP: connect to 203.210.211.20:1194 failed, will try again in 5 seconds: Connection timed out
Dec 12 21:39:43 ubuntu nm-openvpn[10160]: TCP: connect to 203.210.211.20:1194 failed, will try again in 5 seconds: Connection timed out
Dec 12 21:39:44 ubuntu nm-openvpn[10160]: SIGTERM[hard,init_instance] received, process exiting
Dec 12 21:39:44 ubuntu NetworkManager: <info>  Policy set 'Auto WIFI-BOKE' (eth1) as default for routing and DNS.
Dec 12 21:39:56 ubuntu NetworkManager: <debug> [1229092796.990717] ensure_killed(): waiting for vpn service pid 10155 to exit
Dec 12 21:39:56 ubuntu NetworkManager: <debug> [1229092796.991729] ensure_killed(): vpn service pid 10155 cleaned up
Dec 12 21:40:45 ubuntu NetworkManager: <info>  Starting VPN service 'org.freedesktop.NetworkManager.openvpn'...
Dec 12 21:40:45 ubuntu NetworkManager: <info>  VPN service 'org.freedesktop.NetworkManager.openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 10257
Dec 12 21:40:45 ubuntu NetworkManager: <info>  VPN service 'org.freedesktop.NetworkManager.openvpn' just appeared, activating connections
Dec 12 21:40:45 ubuntu NetworkManager: <info>  VPN plugin state changed: 1
Dec 12 21:40:45 ubuntu nm-openvpn[10262]: OpenVPN 2.1_rc11 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Oct 15 2008
Dec 12 21:40:45 ubuntu NetworkManager: <info>  VPN plugin state changed: 3
Dec 12 21:40:45 ubuntu NetworkManager: <info>  VPN connection 'VPN connection 1' (Connect) reply received.
Dec 12 21:40:45 ubuntu nm-openvpn[10262]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Dec 12 21:40:45 ubuntu nm-openvpn[10262]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 12 21:40:45 ubuntu nm-openvpn[10262]: WARNING: file '/media/windows/Softs/Config/client.key' is group or others accessible
Dec 12 21:40:45 ubuntu nm-openvpn[10262]: /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Dec 12 21:40:46 ubuntu nm-openvpn[10262]: UDPv4 link local: [undef]
Dec 12 21:40:46 ubuntu nm-openvpn[10262]: UDPv4 link remote: 203.210.211.20:1194
Dec 12 21:40:46 ubuntu nm-openvpn[10262]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Dec 12 21:40:47 ubuntu nm-openvpn[10262]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1573', remote='link-mtu 1574'
Dec 12 21:40:47 ubuntu nm-openvpn[10262]: WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
Dec 12 21:40:47 ubuntu nm-openvpn[10262]: [Server] Peer Connection Initiated with 203.210.211.20:1194
Dec 12 21:40:48 ubuntu nm-openvpn[10262]: TUN/TAP device tap0 opened
Dec 12 21:40:48 ubuntu nm-openvpn[10262]: /sbin/ifconfig tap0 128.8.11.52 netmask 255.255.255.0 mtu 1500 broadcast 128.8.11.255
Dec 12 21:40:48 ubuntu avahi-daemon[4564]: Joining mDNS multicast group on interface tap0.IPv4 with address 128.8.11.52.
Dec 12 21:40:48 ubuntu avahi-daemon[4564]: New relevant interface tap0.IPv4 for mDNS.
Dec 12 21:40:48 ubuntu avahi-daemon[4564]: Registering new address record for 128.8.11.52 on tap0.IPv4.
Dec 12 21:40:48 ubuntu avahi-daemon[4564]: Withdrawing address record for 128.8.11.52 on tap0.
Dec 12 21:40:48 ubuntu avahi-daemon[4564]: Leaving mDNS multicast group on interface tap0.IPv4 with address 128.8.11.52.
Dec 12 21:40:48 ubuntu avahi-daemon[4564]: Interface tap0.IPv4 no longer relevant for mDNS.
Dec 12 21:40:48 ubuntu avahi-daemon[4564]: Joining mDNS multicast group on interface tap0.IPv4 with address 128.8.11.52.
Dec 12 21:40:48 ubuntu avahi-daemon[4564]: New relevant interface tap0.IPv4 for mDNS.
Dec 12 21:40:48 ubuntu avahi-daemon[4564]: Registering new address record for 128.8.11.52 on tap0.IPv4.
Dec 12 21:40:48 ubuntu nm-openvpn[10262]: /usr/lib/network-manager-openvpn/nm-openvpn-service-openvpn-helper tap0 1500 1573 128.8.11.52 255.255.255.0 init
Dec 12 21:40:49 ubuntu NetworkManager: <info>  VPN connection 'VPN connection 1' (IP Config Get) reply received.
Dec 12 21:40:49 ubuntu NetworkManager: <info>  VPN Gateway: 203.210.211.20
Dec 12 21:40:49 ubuntu NetworkManager: <info>  Tunnel Device: tap0
Dec 12 21:40:49 ubuntu NetworkManager: <info>  Internal IP4 Address: 128.8.11.52
Dec 12 21:40:49 ubuntu NetworkManager: <info>  Internal IP4 Prefix: 24
Dec 12 21:40:49 ubuntu NetworkManager: <info>  Internal IP4 Point-to-Point Address: 0.0.0.0
Dec 12 21:40:49 ubuntu NetworkManager: <info>  Maximum Segment Size (MSS): 0
Dec 12 21:40:49 ubuntu NetworkManager: <info>  Static Route: 192.168.0.0/24   Next Hop: 192.168.0.0
Dec 12 21:40:49 ubuntu NetworkManager: <info>  Internal IP4 DNS: 192.168.0.211
Dec 12 21:40:49 ubuntu NetworkManager: <info>  DNS Domain: 'vpn.benline.vn'
Dec 12 21:40:49 ubuntu NetworkManager: <info>  Login Banner:
Dec 12 21:40:49 ubuntu NetworkManager: <info>  -----------------------------------------
Dec 12 21:40:49 ubuntu NetworkManager: <info>  (null)
Dec 12 21:40:49 ubuntu NetworkManager: <info>  -----------------------------------------
Dec 12 21:40:49 ubuntu avahi-daemon[4564]: Withdrawing address record for 128.8.11.52 on tap0.
Dec 12 21:40:49 ubuntu avahi-daemon[4564]: Leaving mDNS multicast group on interface tap0.IPv4 with address 128.8.11.52.
Dec 12 21:40:49 ubuntu avahi-daemon[4564]: Interface tap0.IPv4 no longer relevant for mDNS.
Dec 12 21:40:49 ubuntu avahi-daemon[4564]: Joining mDNS multicast group on interface tap0.IPv4 with address 128.8.11.52.
Dec 12 21:40:49 ubuntu avahi-daemon[4564]: New relevant interface tap0.IPv4 for mDNS.
Dec 12 21:40:49 ubuntu avahi-daemon[4564]: Registering new address record for 128.8.11.52 on tap0.IPv4.
Dec 12 21:40:49 ubuntu nm-openvpn[10262]: Initialization Sequence Completed
Dec 12 21:40:50 ubuntu NetworkManager: <info>  VPN connection 'VPN connection 1' (IP Config Get) complete.

Thanks

[Daniel B.]

Hi.
It'll be hard for me to explain how-to configure network-manager as it'll depend on the configuration of your server, and I'm not sure of the name of the different options as I allways use a french ubuntu . But, it'll be something like this (with network-mnager 0.7)
Create a new VPN, then choose OpenVPN
Choose a name for this connection
gateway: the IP or name of your SME (accessible from the Internet)
Type: depends on your server. The default if you use my contrib is user/pass and certificates
User's Name: Enter the login of the user
Password: It's better to let blank, and enter the password each time you connect.
user's certificate: choose the user.crt file you have downloaded from the panel
CA certificate: Choose the ca.crt
User's key: choose user.key
Private key password: let blank

Now click on the advanced button, and here, you have to select:
- Use LZO
- Use a TAP interface

Eventually, click on "TLS Certificate"
Here, you can choose a cipher (if you have forced one on the server side)
and choose the ta.key file for the TLS Auth. Direction of the key must be 1

I think that's all, now save it, and connect.

[peterphi]

Hi.
It'll be hard for me to explain how-to configure network-manager as it'll depend on the configuration of your server, and I'm not sure of the name of the different options as I allways use a french ubuntu . But, it'll be something like this (with network-mnager 0.7)
Create a new VPN, then choose OpenVPN
Choose a name for this connection
gateway: the IP or name of your SME (accessible from the Internet)
Type: depends on your server. The default if you use my contrib is user/pass and certificates
User's Name: Enter the login of the user
Password: It's better to let blank, and enter the password each time you connect.
user's certificate: choose the user.crt file you have downloaded from the panel
CA certificate: Choose the ca.crt
User's key: choose user.key
Private key password: let blank

Now click on the advanced button, and here, you have to select:
- Use LZO
- Use a TAP interface

Eventually, click on "TLS Certificate"
Here, you can choose a cipher (if you have forced one on the server side)
and choose the ta.key file for the TLS Auth. Direction of the key must be 1

I think that's all, now save it, and connect.

Thank you very much, i will try

Thanks & Best regards

[chris burnat]

This post has been moved to general discussion where it is more appropriate.