#1 2017-07-20 13:17:19

leniviy
Member
Registered: 2009-05-23
Posts: 177

openconnect works from command line, but fails with networkmanager

Hi. For some reason the openconnect networkmanager plugin doesn't work for me. After I enter the correct VPN password the NM icon animates for about a minute, then gives up.

networkmanager-openconnect 1.2.4-2, openconnect 1:7.08-1. The CLI openconnect DOES work.

"setcap cap_net_admin+ep /usr/bin/openconnect" didn't help: the complaint about SIOCSIFMTU disappeared, but it still fails.

Exported profile:

[openconnect]
Description=acme-Alias
Host=vpn.acme.com
CACert=(null)
Protocol=anyconnect
Proxy=
CSDEnable=0
CSDWrapper=
UserCertificate=(null)
PrivateKey=(null)
FSID=0
StokenSource=disabled
StokenString=

Successful connect from command line:

[root@reallin il]# openconnect vpn.acme.com --authgroup=acme --user=ibo1620
POST https://vpn.acme.com/
Connected to 1.2.3.4:443
SSL negotiation with vpn.acme.com
Connected to HTTPS on vpn.acme.com
XML POST enabled
POST https://vpn.acme.com/
XML POST enabled
Password:
POST https://vpn.acme.com/
Got CONNECT response: HTTP/1.1 200 OK
CSTP connected. DPD 30, Keepalive 20
Connected as 10.254.252.42, using SSL
DTLS handshake failed: Resource temporarily unavailable, try again.
Connect Banner:
| 
| == Welcome to acme plumbers ==
| Your device must have up to date Anti Virus software, otherwise you are required to disconnect!!
|

System journal near NM:

Jul 20 15:16:47 reallin.joe NetworkManager[267]: <info>  [1500553007.7280] keyfile: update /etc/NetworkManager/system-connections/acme-Alias (bc5abdc7-b450-423d-96ee-f3a9a3668cff,"acme-Alias")
Jul 20 15:16:47 reallin.joe NetworkManager[267]: <info>  [1500553007.7286] audit: op="connection-update" uuid="bc5abdc7-b450-423d-96ee-f3a9a3668cff" name="acme-Alias" pid=11148 uid=1000 result="success"
Jul 20 15:16:55 reallin.joe NetworkManager[267]: <info>  [1500553015.6317] audit: op="connection-activate" uuid="bc5abdc7-b450-423d-96ee-f3a9a3668cff" name="acme-Alias" pid=10246 uid=1000 result="success"
Jul 20 15:16:55 reallin.joe NetworkManager[267]: <info>  [1500553015.6375] vpn-connection[0x295d0c0,bc5abdc7-b450-423d-96ee-f3a9a3668cff,"acme-Alias",0]: Started the VPN service, PID 11176
Jul 20 15:16:55 reallin.joe NetworkManager[267]: <info>  [1500553015.6556] vpn-connection[0x295d0c0,bc5abdc7-b450-423d-96ee-f3a9a3668cff,"acme-Alias",0]: Saw the service appear; activating connection
Jul 20 15:17:13 reallin.joe dbus-daemon[10122]: Activating service name='org.gnome.keyring.SystemPrompter'
Jul 20 15:17:13 reallin.joe gcr-prompter[11193]: Couldn't connect to accessibility bus: Failed to connect to socket /tmp/dbus-U2JlY8iEQx: Connection refused
Jul 20 15:17:13 reallin.joe gcr-prompter[11193]: bus acquired: org.gnome.keyring.SystemPrompter
Jul 20 15:17:13 reallin.joe gcr-prompter[11193]: Gcr: registering prompter
Jul 20 15:17:13 reallin.joe gcr-prompter[11193]: bus acquired: org.gnome.keyring.PrivatePrompter
Jul 20 15:17:13 reallin.joe dbus-daemon[10122]: Successfully activated service 'org.gnome.keyring.SystemPrompter'
Jul 20 15:17:13 reallin.joe gcr-prompter[11193]: Gcr: received BeginPrompting call from callback /org/gnome/keyring/Prompt/p3@:1.39
Jul 20 15:17:13 reallin.joe gcr-prompter[11193]: Gcr: preparing a prompt for callback /org/gnome/keyring/Prompt/p3@:1.39
Jul 20 15:17:13 reallin.joe gcr-prompter[11193]: Gcr: creating new GcrPromptDialog prompt
Jul 20 15:17:13 reallin.joe gcr-prompter[11193]: Gcr: automatically selecting secret exchange protocol
Jul 20 15:17:13 reallin.joe gcr-prompter[11193]: Gcr: generating public key
Jul 20 15:17:13 reallin.joe gcr-prompter[11193]: Gcr: beginning the secret exchange: [sx-aes-1]\npublic=...
Jul 20 15:17:13 reallin.joe gcr-prompter[11193]: Gcr: calling the PromptReady method on /org/gnome/keyring/Prompt/p3@:1.39
Jul 20 15:17:13 reallin.joe gcr-prompter[11193]: acquired name: org.gnome.keyring.SystemPrompter
Jul 20 15:17:13 reallin.joe gcr-prompter[11193]: acquired name: org.gnome.keyring.PrivatePrompter
Jul 20 15:17:13 reallin.joe gcr-prompter[11193]: Gcr: returned from the PromptReady method on /org/gnome/keyring/Prompt/p3@:1.39
Jul 20 15:17:13 reallin.joe gcr-prompter[11193]: Gcr: received PerformPrompt call from callback /org/gnome/keyring/Prompt/p3@:1.39
Jul 20 15:17:13 reallin.joe gcr-prompter[11193]: Gcr: receiving secret exchange: [sx-aes-1]\npublic=...
Jul 20 15:17:13 reallin.joe gcr-prompter[11193]: Gcr: deriving shared transport key
Jul 20 15:17:13 reallin.joe gcr-prompter[11193]: Gcr: deriving transport key
Jul 20 15:17:13 reallin.joe gcr-prompter[11193]: Gcr: starting password prompt for callback /org/gnome/keyring/Prompt/p3@:1.39
Jul 20 15:17:13 reallin.joe gcr-prompter[11193]: GtkDialog mapped without a transient parent. This is discouraged.
Jul 20 15:17:16 reallin.joe gcr-prompter[11193]: Gcr: completed password prompt for callback :1.39@/org/gnome/keyring/Prompt/p3
Jul 20 15:17:16 reallin.joe gcr-prompter[11193]: Gcr: encrypting data
Jul 20 15:17:16 reallin.joe gcr-prompter[11193]: Gcr: sending the secret exchange: [sx-aes-1]\npublic=...
Jul 20 15:17:16 reallin.joe gcr-prompter[11193]: Gcr: calling the PromptReady method on /org/gnome/keyring/Prompt/p3@:1.39
Jul 20 15:17:16 reallin.joe gcr-prompter[11193]: Gcr: returned from the PromptReady method on /org/gnome/keyring/Prompt/p3@:1.39
Jul 20 15:17:16 reallin.joe gcr-prompter[11193]: Gcr: received PerformPrompt call from callback /org/gnome/keyring/Prompt/p3@:1.39
Jul 20 15:17:16 reallin.joe gcr-prompter[11193]: Gcr: receiving secret exchange: [sx-aes-1]\npublic=...
Jul 20 15:17:16 reallin.joe gcr-prompter[11193]: Gcr: starting password prompt for callback /org/gnome/keyring/Prompt/p3@:1.39
Jul 20 15:17:20 reallin.joe gcr-prompter[11193]: Gcr: completed password prompt for callback :1.39@/org/gnome/keyring/Prompt/p3
Jul 20 15:17:20 reallin.joe gcr-prompter[11193]: Gcr: encrypting data
Jul 20 15:17:20 reallin.joe gcr-prompter[11193]: Gcr: sending the secret exchange: [sx-aes-1]\npublic=...
Jul 20 15:17:20 reallin.joe gcr-prompter[11193]: Gcr: calling the PromptReady method on /org/gnome/keyring/Prompt/p3@:1.39
Jul 20 15:17:20 reallin.joe gcr-prompter[11193]: Gcr: returned from the PromptReady method on /org/gnome/keyring/Prompt/p3@:1.39
Jul 20 15:17:20 reallin.joe gcr-prompter[11193]: Gcr: received PerformPrompt call from callback /org/gnome/keyring/Prompt/p3@:1.39
Jul 20 15:17:20 reallin.joe gcr-prompter[11193]: Gcr: stopping prompting for operation /org/gnome/keyring/Prompt/p3@:1.39
Jul 20 15:17:20 reallin.joe gcr-prompter[11193]: Gcr: closing the prompt
Jul 20 15:17:20 reallin.joe gcr-prompter[11193]: Gcr: stopping prompting for operation /org/gnome/keyring/Prompt/p3@:1.39
Jul 20 15:17:20 reallin.joe gcr-prompter[11193]: Gcr: couldn't find the callback for prompting operation /org/gnome/keyring/Prompt/p3@:1.39
Jul 20 15:17:20 reallin.joe gcr-prompter[11193]: Gcr: stopping prompting for operation /org/gnome/keyring/Prompt/p3@:1.39
Jul 20 15:17:20 reallin.joe gcr-prompter[11193]: Gcr: couldn't find the callback for prompting operation /org/gnome/keyring/Prompt/p3@:1.39
Jul 20 15:17:20 reallin.joe gcr-prompter[11193]: Gcr: stopping prompting for operation /org/gnome/keyring/Prompt/p3@:1.39
Jul 20 15:17:20 reallin.joe gcr-prompter[11193]: Gcr: couldn't find the callback for prompting operation /org/gnome/keyring/Prompt/p3@:1.39
Jul 20 15:17:20 reallin.joe gcr-prompter[11193]: Gcr: calling the PromptDone method on /org/gnome/keyring/Prompt/p3@:1.39, and ignoring reply
Jul 20 15:17:20 reallin.joe NetworkManager[267]: <info>  [1500553040.7336] keyfile: update /etc/NetworkManager/system-connections/acme-Alias (bc5abdc7-b450-423d-96ee-f3a9a3668cff,"acme-Alias")
Jul 20 15:17:20 reallin.joe NetworkManager[267]: <info>  [1500553040.7347] keyfile: update /etc/NetworkManager/system-connections/acme-Alias (bc5abdc7-b450-423d-96ee-f3a9a3668cff,"acme-Alias") after persisting connection
Jul 20 15:17:20 reallin.joe NetworkManager[267]: <info>  [1500553040.7443] vpn-connection[0x295d0c0,bc5abdc7-b450-423d-96ee-f3a9a3668cff,"acme-Alias",0]: VPN connection: (ConnectInteractive) reply received
Jul 20 15:17:20 reallin.joe systemd-udevd[11198]: link_config: autonegotiation is unset or enabled, the speed and duplex are not writable.
Jul 20 15:17:20 reallin.joe NetworkManager[267]: <info>  [1500553040.7485] manager: (vpn0): new Tun device (/org/freedesktop/NetworkManager/Devices/5)
Jul 20 15:17:20 reallin.joe NetworkManager[267]: <info>  [1500553040.7534] vpn-connection[0x295d0c0,bc5abdc7-b450-423d-96ee-f3a9a3668cff,"acme-Alias",0]: VPN plugin: state changed: starting (3)
Jul 20 15:17:20 reallin.joe openconnect[11199]: Connected to 1.2.3.4:443
Jul 20 15:17:20 reallin.joe openconnect[11199]: SSL negotiation with 1.2.3.4
Jul 20 15:17:21 reallin.joe openconnect[11199]: Server certificate verify failed: signer not found
Jul 20 15:17:21 reallin.joe openconnect[11199]: Connected to HTTPS on 1.2.3.4
Jul 20 15:17:21 reallin.joe openconnect[11199]: Got CONNECT response: HTTP/1.1 200 OK
Jul 20 15:17:21 reallin.joe openconnect[11199]: CSTP connected. DPD 30, Keepalive 20
Jul 20 15:17:21 reallin.joe openconnect[11199]: Connected as 10.254.252.33, using SSL
Jul 20 15:17:30 reallin.joe gcr-prompter[11193]: 10 second inactivity timeout, quitting
Jul 20 15:17:30 reallin.joe gcr-prompter[11193]: Gcr: unregistering prompter
Jul 20 15:17:30 reallin.joe gcr-prompter[11193]: Gcr: disposing prompter
Jul 20 15:17:30 reallin.joe gcr-prompter[11193]: Gcr: finalizing prompter
Jul 20 15:17:33 reallin.joe openconnect[11199]: DTLS handshake failed: Resource temporarily unavailable, try again.
Jul 20 15:17:34 reallin.joe openconnect[11199]: SIOCSIFMTU: Operation not permitted
Jul 20 15:17:34 reallin.joe dbus[235]: [system] Rejected send message, 1 matched rules; type="method_call", sender=":1.722" (uid=616 pid=11209 comm="/usr/lib/NetworkManager/nm-openconnect-service-ope") interface="org.freedesktop.NetworkManager.VPN.Plugin" member="SetConfig" error name="(unset)" requested_reply="0" destination=":1.720" (uid=0 pid=11176 comm="/usr/lib/NetworkManager/nm-openconnect-service --b")
Jul 20 15:18:20 reallin.joe NetworkManager[267]: <warn>  [1500553100.9715] vpn-connection[0x295d0c0,bc5abdc7-b450-423d-96ee-f3a9a3668cff,"acme-Alias",0]: VPN connection: connect timeout exceeded.
Jul 20 15:18:20 reallin.joe nm-openconnect-[11176]: Connect timer expired, disconnecting.
Jul 20 15:18:20 reallin.joe NetworkManager[267]: <info>  [1500553100.9772] vpn-connection[0x295d0c0,bc5abdc7-b450-423d-96ee-f3a9a3668cff,"acme-Alias",0]: VPN service disappeared

Last edited by leniviy (2017-07-20 13:29:24)


Arch 64, xfce4
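
An added example, not part of the original post: a small Python triage script that pulls the failure signals out of a journal excerpt like the one above, namely the D-Bus "Rejected send message" entry (broken into sender, destination and method) and the openconnect/NetworkManager error lines. The function names and marker list are assumptions made for this example; the sample lines are taken from the post's journal with timestamp and host trimmed.

```python
import re

# Lines taken from the journal in the post above (timestamp and host trimmed).
SAMPLE = '''\
openconnect[11199]: Server certificate verify failed: signer not found
openconnect[11199]: Connected as 10.254.252.33, using SSL
openconnect[11199]: SIOCSIFMTU: Operation not permitted
dbus[235]: [system] Rejected send message, 1 matched rules; type="method_call", sender=":1.722" (uid=616 pid=11209 comm="/usr/lib/NetworkManager/nm-openconnect-service-ope") interface="org.freedesktop.NetworkManager.VPN.Plugin" member="SetConfig" error name="(unset)" requested_reply="0" destination=":1.720" (uid=0 pid=11176 comm="/usr/lib/NetworkManager/nm-openconnect-service --b")
NetworkManager[267]: <warn>  [1500553100.9715] vpn-connection[0x295d0c0,bc5abdc7-b450-423d-96ee-f3a9a3668cff,"acme-Alias",0]: VPN connection: connect timeout exceeded.
'''

REJECT = re.compile(
    r'Rejected send message.*?sender="(?P<sender>[^"]+)" '
    r'\(uid=(?P<src_uid>\d+) pid=(?P<src_pid>\d+) comm="(?P<src_comm>[^"]*)"\) '
    r'interface="(?P<interface>[^"]+)" member="(?P<member>[^"]+)".*?'
    r'destination="(?P<dest>[^"]+)" '
    r'\(uid=(?P<dst_uid>\d+) pid=(?P<dst_pid>\d+) comm="(?P<dst_comm>[^"]*)"\)')

# Substrings (chosen for this example) that mark a failure line in the excerpt.
WARN_MARKERS = ("verify failed", "Operation not permitted",
                "handshake failed", "timeout exceeded", "timer expired")

def parse_rejections(text):
    """Return one dict per D-Bus 'Rejected send message' line."""
    out = []
    for line in text.splitlines():
        m = REJECT.search(line)
        if m:
            d = m.groupdict()
            for k in ("src_uid", "src_pid", "dst_uid", "dst_pid"):
                d[k] = int(d[k])
            # Record whether sender and destination run under different uids.
            d["cross_uid"] = d["src_uid"] != d["dst_uid"]
            out.append(d)
    return out

def warning_lines(text):
    """Return non-D-Bus lines that contain a known failure marker."""
    return [l for l in text.splitlines()
            if "Rejected send message" not in l
            and any(mk in l for mk in WARN_MARKERS)]

if __name__ == "__main__":
    for r in parse_rejections(SAMPLE):
        print(f'{r["src_comm"]} (uid {r["src_uid"]}) -> uid {r["dst_uid"]}: '
              f'{r["interface"]}.{r["member"]} rejected')
    for l in warning_lines(SAMPLE):
        print("warn:", l)
```

On a live system the same functions can be fed the text of `journalctl -b` instead of `SAMPLE`.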

#2 2018-05-03 21:17:25

Max Ammann
Member
Registered: 2015-04-01
Posts: 6

Re: openconnect works from command line, but fails with networkmanager

Experiencing the same problems. Did you come up with a solution?


#3 2018-11-14 13:50:49

scorp
Member
Registered: 2009-03-01
Posts: 35

Re: openconnect works from command line, but fails with networkmanager

Hi, I have the same problem. Did you find something to resolve this issue?


#4 2018-11-14 13:52:21

leniviy
Member
Registered: 2009-05-23
Posts: 177

Re: openconnect works from command line, but fails with networkmanager

Nope. Our best bet is to install Ubuntu and check there.


Arch 64, xfce4

