Ask Your Question
2

Fedora 29 - OpenVPN from network manager will not work without `sudo dhclient`

asked 2018-11-08 12:40:15 -0500

jocull gravatar image

Hello all!

I have an *.ovpn file that I'm using in the Gnome network manager interface. I'm able to add it, and connect to it just fine, but whenever I try to load a web page in Firefox (or any other kind of web activity, such as updates from dnf) these requests time out. Everything seems fine in ifconfig, I have an address and my other connections seem OK.

The only fix I know of to make it start working is to run sudo dhclient - then everything comes back to life. I don't even need to reconnect to the VPN. I don't understand why this is the fix though, and I actually end up with two dhclient instances running. This seems incorrect.

Oddly, if I connect from the terminal with sudo openvpn --config myfile.ovpn the VPN is incredibly stable and everything works fine. This does not work if I don't run under superuser. But it's less convenient and I have a lot of VPNs to deal with - I'd love to use the network manager.

I read multiple places that SELinux can (or used to) cause permission issues with the ~/.certs directory. However, I switched it to permissive mode and still have the same problem. I couldn't turn up any logs indicating that this was the problem.

I'm new to Fedora (attempting to switch over from Ubuntu) so I'm a little unfamiliar with where all the logs are so any direction you can provide will help me help you debug with me :) This problem was exactly the same in Ubuntu 18.04 LTS, so it likely not something specific to Fedora. Thanks for your help!

edit retag flag offensive close merge delete

3 Answers

Sort by » oldest newest most voted
-1

answered 2018-11-08 14:01:31 -0500

hhlp gravatar image

I'm not answer your Qestion but I give you some tools to workaround to find the error in Fedora log's :

First I supose to install openVPN and start the service via systemctl and enable via systemctl to startup on boot :

At this point it’s a good idea to check the status of the service.

systemctl -l status openvpn@server

If it failed to start,

systemctl restart openvpn@server
journalctl --xn

will provide necessary debug information to troubleshoot any issues.

you can use too :

journalctl --unit=openvpn@server

there is an aplication in gnome where you can log's too :

it call it : gnome-logs install it and looks around...

This is a resumen for your purpose , but you can go deep read this how-do-i-view-logs-on-fedora

Now you have a good idea to find and get more information about your error...

Regards., HTH

edit flag offensive delete link more

Comments

1

As far as I know, openvpn server isn't used here since it is just for client connections. I can't find any references to it in either the service or the logs you listed above.

jocull gravatar imagejocull ( 2018-11-12 14:32:18 -0500 )edit
-1

answered 2019-01-23 12:09:17 -0500

updated 2019-01-23 12:11:51 -0500

It can be used as a client in F29, and it can be used for a server.

Opnevpn can be serviced only by setting environment setting without distinguishing between server and client. But... when using CentOS7 for server use, it'll be able to serve server through systemctl.

When using F29 as a server, create an openvpn folder under /var/log to generate the corresponding log file.

 [root@masi log]# mkdir /var/log/openvpn
 [root@masi openvpn]# systemctl status openvpn -l
 Unit openvpn.service could not be found.

 [root@masi openvpn]# systemctl status NetworkManager -l
 ● NetworkManager.service - Network Manager
   Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled; vendor preset: enabled)
   Drop-In: /usr/lib/systemd/system/NetworkManager.service.d
            └─NetworkManager-ovs.conf
    Active: active (running) since Thu 2019-01-24 02:01:36 KST; 28min ago

 [root@masi openvpn]# openvpn --config  /etc/openvpn/server.conf &
 [root@masi openvpn]# ifconfig
 tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
    inet 10.8.10.1  netmask 255.255.255.255  destination 10.8.10.2
    inet6 fe80::8f98:13e8:1fc4:503f  prefixlen 64  scopeid 0x20<link>
    unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 100  (UNSPEC)

The network manager and dhcpclient can be used according to user settings, but they are used by default and I also use the network manager.

It is not inconvenient because the program can run naturally when you run it in crond so that it can run at boot time. However, it seems to be easy to work with client as systemctl.

 [root@masi ~]# whereis govpn
 govpn: /usr/bin/govpn
 [root@masi ~]# cat /usr/bin/govpn
 #!/bin/bash
 /usr/sbin/openvpn --config /etc/openvpn/client.ovpn &
 [root@masi ~]# cat /etc/crontab|grep govpn
 @reboot root /usr/bin/govpn
 [root@masi ~]# systemctl enable crond
 [root@masi ~]# systemctl start crond
edit flag offensive delete link more
-1

answered 2019-01-22 11:20:31 -0500

jrab66 gravatar image

am having the same problems too :/ already check in F28 VM and works without problems, in F29 we have this bug!!

edit flag offensive delete link more

Comments

am having the same problems too :/ already check in F28 VM and works without problems, in F29 we have this bug!!

RedtubeBeegSpankbang

seranrakan1995 gravatar imageseranrakan1995 ( 2019-02-17 14:54:37 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2018-11-08 12:40:15 -0500

Seen: 837 times

Last updated: Jan 23