You are not logged in.

#1 2014-08-03 17:53:47

Nordic89
Member
Registered: 2014-05-07
Posts: 49

Connman - Can't connect to OpenVPN

I made the change from networkmanager to connnman, but I couldn't get a vpn connection ever since.

/var/lib/connman-vpn/VPN.config:

[provider_openvpn]
Type = OpenVPN
Name = AirVPN Europe
Host = 37.48.81.11
Domain = 37.48.81.11
OpenVPN.CACert = /home/robert/CloudStation/Technikconf/AirVPN/ca.crt
OpenVPN.Cert = /home/robert/CloudStation/Technikconf/AirVPN/user.crt
OpenVPN.Key = /home/robert/CloudStation/Technikconf/AirVPN/user.key
OpenVPN.TLSAuth = /home/robert/CloudStation/Technikconf/AirVPN/ta.key
OpenVPN.Port = 443
OpenVPN.CompLZO = no
OpenVPN.RemoteCertTls = server
OpenVPN.Proto = udp
OpenVPN.Cipher = AES-256-CBC
OpenVPN.NSCertType = client

Content of the .ovpn file that always worked with networkmanager:

# --------------------------------------------------------
# Air VPN | https://airvpn.org | Sunday 3rd of August 2014 02:23:45 PM
# OpenVPN Client Configuration
# AirVPN_Europe_UDP-443
# --------------------------------------------------------

client
dev tun
proto udp
remote 37.48.81.11 443
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-CBC
comp-lzo no
verb 3
explicit-exit-notify 5
ca "ca.crt"
cert "user.crt"
key "user.key"
tls-auth "ta.key" 1

Offline

#2 2014-08-03 18:59:17

firecat53
Member
From: Lake Stevens, WA, USA
Registered: 2007-05-14
Posts: 1,542
Website

Re: Connman - Can't connect to OpenVPN

For what it's worth, I never could get connman-vpn working either. I ended up migrating _to_ networkmanager and just using nmcli-dmenu as a nm-applet replacement (mostly). Sorry I can't help, but I found for VPN usage that networkmanager just worked.

Scott

Last edited by firecat53 (2014-08-03 19:00:09)

Offline

#3 2015-05-21 15:01:20

r8b7xy
Member
Registered: 2015-05-21
Posts: 2

Re: Connman - Can't connect to OpenVPN

This is my working configuration:

[provider_openvpn]
Type = OpenVPN
Name = PIA VPN
Host = uk-london.privateinternetaccess.com
Domain = privateinternetaccess.com
OpenVPN.Port = 1194
OpenVPN.CACert = /etc/openvpn/ca.crt
OpenVPN.AuthUserPass = /etc/openvpn/pass.pia
OpenVPN.AuthNoCache = 0
OpenVPN.CompLZO = yes
OpenVPN.RemoteCertTls = server

But after one hour connman vpn daemon breaks the connection with the following output:

● connman-vpn.service - ConnMan VPN service
   Loaded: loaded (/usr/lib/systemd/system/connman-vpn.service; disabled; vendor preset: disabled)
   Active: active (running) since Thu 2015-05-21 14:25:05 CEST; 3h 37min ago
 Main PID: 231 (connman-vpnd)
   CGroup: /system.slice/connman-vpn.service
           └─231 /usr/bin/connman-vpnd -n

May 21 16:43:55 arch connman-vpnd[231]: vpn0 {update} flags 102609 <UP,RUNNING,LOWER_UP>
May 21 16:43:55 arch connman-vpnd[231]: vpn0 {newlink} index 11 operstate 6 <UP>
May 21 17:45:23 arch openvpn[14197]: ERROR: could not read Auth username from stdin
May 21 17:45:23 arch openvpn[14197]: Exiting due to fatal error
May 21 17:45:23 arch connman-vpnd[231]: vpn0 {update} flags 37009 <UP>
May 21 17:45:23 arch connman-vpnd[231]: vpn0 {newlink} index 11 operstate 2 <DOWN>
May 21 17:45:23 arch connman-vpnd[231]: vpn0 {update} flags 37008 <DOWN>
May 21 17:45:23 arch connman-vpnd[231]: vpn0 {newlink} index 11 operstate 2 <DOWN>
May 21 17:45:23 arch connman-vpnd[231]: vpn0 {dellink} index 11 operstate 2 <DOWN>
May 21 17:45:23 arch connman-vpnd[231]: vpn0 {remove} index 11

It may need 'OpenVPN.ConfigFile' which will point to openvpn's 'persist-key' argument. All the avaliable 'mappings' between config file and openvpn are listed here.
If you have any other ideas how to make it working, please let me know.

Last edited by r8b7xy (2015-05-22 08:19:41)

Offline

#4 2015-06-29 20:53:38

flamusdiu
Member
Registered: 2013-05-10
Posts: 36

Re: Connman - Can't connect to OpenVPN

@r8b7xy I just added support for connman for my AUR Package: https://aur4.archlinux.org/packages/pri … ccess-vpn/ This is based from your configuration above. Thank you for figuring that out. It was driving me crazy.

Looks like the OpenVPN.ConfigFile seems to work as well. I need to do a few things with the python script for error checking and add to the wiki entry. Let me know if you have any issues with it.

Offline

#5 2015-06-29 21:15:12

flamusdiu
Member
Registered: 2013-05-10
Posts: 36

Re: Connman - Can't connect to OpenVPN

firecat53 wrote:

For what it's worth, I never could get connman-vpn working either. I ended up migrating _to_ networkmanager and just using nmcli-dmenu as a nm-applet replacement (mostly). Sorry I can't help, but I found for VPN usage that networkmanager just worked.

Scott

What I do know is that Network Manager seem to have better (or maybe easier) to read documentation. Connman seems to do stuff hard. =P

Offline

#6 2015-07-18 12:02:31

penguin
Member
From: Gotham City
Registered: 2010-12-31
Posts: 168

Re: Connman - Can't connect to OpenVPN

@flamusdiu thanks for doing this, awesome. However, when I've built the package (v. 2.4.1), I do get the following error, when I try to run "sudo pia -a":

Traceback (most recent call last):
  File "/usr/lib/python3.4/configparser.py", line 824, in items
    d.update(self._sections[section])
KeyError: 'pia'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/bin/pia", line 9, in <module>
    load_entry_point('pia==2.4.1', 'console_scripts', 'pia')()
  File "/usr/lib/python3.4/site-packages/pia/command_line.py", line 23, in main
    pia.run.run()
  File "/usr/lib/python3.4/site-packages/pia/run.py", line 47, in run
    properties.parse_conf_file()
  File "/usr/lib/python3.4/site-packages/pia/properties.py", line 99, in parse_conf_file
    pia_section = _Parser("pia")
  File "/usr/lib/python3.4/site-packages/pia/properties.py", line 73, in __init__
    self.__dict__.update({k: v for k, v in c.items(section)})
  File "/usr/lib/python3.4/configparser.py", line 827, in items
    raise NoSectionError(section)
configparser.NoSectionError: No section: 'pia'

I've put my username and password in the login.conf file as described on the wiki

as Far as I can tell, all files are installed:

private-internet-access-vpn /etc/
private-internet-access-vpn /etc/openvpn/
private-internet-access-vpn /etc/openvpn/AU_Melbourne.conf
private-internet-access-vpn /etc/openvpn/AU_Sydney.conf
private-internet-access-vpn /etc/openvpn/Brazil.conf
private-internet-access-vpn /etc/openvpn/CA_North York.conf
private-internet-access-vpn /etc/openvpn/CA_Toronto.conf
private-internet-access-vpn /etc/openvpn/France.conf
private-internet-access-vpn /etc/openvpn/Germany.conf
private-internet-access-vpn /etc/openvpn/Hong_Kong.conf
private-internet-access-vpn /etc/openvpn/Israel.conf
private-internet-access-vpn /etc/openvpn/Japan.conf
private-internet-access-vpn /etc/openvpn/Mexico.conf
private-internet-access-vpn /etc/openvpn/Netherlands.conf
private-internet-access-vpn /etc/openvpn/Romania.conf
private-internet-access-vpn /etc/openvpn/Russia.conf
private-internet-access-vpn /etc/openvpn/Singapore.conf
private-internet-access-vpn /etc/openvpn/Sweden.conf
private-internet-access-vpn /etc/openvpn/Switzerland.conf
private-internet-access-vpn /etc/openvpn/Turkey.conf
private-internet-access-vpn /etc/openvpn/UK_London.conf
private-internet-access-vpn /etc/openvpn/UK_Southampton.conf
private-internet-access-vpn /etc/openvpn/US_California.conf
private-internet-access-vpn /etc/openvpn/US_East.conf
private-internet-access-vpn /etc/openvpn/US_Florida.conf
private-internet-access-vpn /etc/openvpn/US_Midwest.conf
private-internet-access-vpn /etc/openvpn/US_New York City.conf
private-internet-access-vpn /etc/openvpn/US_Seattle.conf
private-internet-access-vpn /etc/openvpn/US_Silicon Valley.conf
private-internet-access-vpn /etc/openvpn/US_Texas.conf
private-internet-access-vpn /etc/openvpn/US_West.conf
private-internet-access-vpn /etc/openvpn/ca.crt
private-internet-access-vpn /etc/openvpn/crl.pem
private-internet-access-vpn /etc/openvpn/update-resolv-conf.sh
private-internet-access-vpn /etc/private-internet-access/
private-internet-access-vpn /etc/private-internet-access/login-example.conf
private-internet-access-vpn /etc/private-internet-access/pia-example.conf
private-internet-access-vpn /usr/
private-internet-access-vpn /usr/bin/
private-internet-access-vpn /usr/bin/pia
private-internet-access-vpn /usr/lib/
private-internet-access-vpn /usr/lib/python3.4/
private-internet-access-vpn /usr/lib/python3.4/site-packages/
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia-2.4.1-py3.4.egg-info/
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia-2.4.1-py3.4.egg-info/PKG-INFO
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia-2.4.1-py3.4.egg-info/SOURCES.txt
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia-2.4.1-py3.4.egg-info/dependency_links.txt
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia-2.4.1-py3.4.egg-info/entry_points.txt
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia-2.4.1-py3.4.egg-info/requires.txt
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia-2.4.1-py3.4.egg-info/top_level.txt
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/__init__.py
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/__pycache__/
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/__pycache__/__init__.cpython-34.pyc
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/__pycache__/__init__.cpython-34.pyo
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/__pycache__/command_line.cpython-34.pyc
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/__pycache__/command_line.cpython-34.pyo
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/__pycache__/docopt.cpython-34.pyc
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/__pycache__/docopt.cpython-34.pyo
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/__pycache__/properties.cpython-34.pyc
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/__pycache__/properties.cpython-34.pyo
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/__pycache__/run.cpython-34.pyc
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/__pycache__/run.cpython-34.pyo
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/__pycache__/utils.cpython-34.pyc
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/__pycache__/utils.cpython-34.pyo
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/__init__.py
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/__pycache__/
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/__pycache__/__init__.cpython-34.pyc
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/__pycache__/__init__.cpython-34.pyo
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/__pycache__/appstrategy.cpython-34.pyc
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/__pycache__/appstrategy.cpython-34.pyo
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/appstrategy.py
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/hooks/
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/hooks/__init__.py
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/hooks/__pycache__/
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/hooks/__pycache__/__init__.cpython-34.pyc
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/hooks/__pycache__/__init__.cpython-34.pyo
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/hooks/__pycache__/cm.cpython-34.pyc
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/hooks/__pycache__/cm.cpython-34.pyo
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/hooks/__pycache__/nm.cpython-34.pyc
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/hooks/__pycache__/nm.cpython-34.pyo
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/hooks/__pycache__/openvpn.cpython-34.pyc
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/hooks/__pycache__/openvpn.cpython-34.pyo
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/hooks/cm.py
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/hooks/nm.py
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/hooks/openvpn.py
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/template-configs/
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/template-configs/cm.cfg
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/applications/template-configs/nm.cfg
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/command_line.py
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/docopt.py
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/properties.py
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/run.py
private-internet-access-vpn /usr/lib/python3.4/site-packages/pia/utils.py
private-internet-access-vpn /usr/lib/system/
private-internet-access-vpn /usr/lib/system/openvpn@.service.d/
private-internet-access-vpn /usr/lib/system/openvpn@.service.d/restart.conf
private-internet-access-vpn /usr/lib/system/systemd/
private-internet-access-vpn /usr/lib/system/systemd/system-sleep/
private-internet-access-vpn /usr/lib/system/systemd/system-sleep/vpn.sh
private-internet-access-vpn /usr/share/
private-internet-access-vpn /usr/share/man/
private-internet-access-vpn /usr/share/man/man8/
private-internet-access-vpn /usr/share/man/man8/pia.8.gz

Offline

#7 2016-04-13 21:38:17

Yamashita Ren
Member
Registered: 2013-08-26
Posts: 14

Re: Connman - Can't connect to OpenVPN

Bumped into OP's issue today and just managed to solve it.
What OP is lacking in his conf file is :

OpenVPN.TLSAuthDir = 1

Seems idiot but since I didn't find many topics talking about Connman+OpenVPN...

Last edited by Yamashita Ren (2016-04-13 21:39:51)

Offline

Board footer

Powered by FluxBB