[SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

LithoUser · 2023-06-09 06:13:45

Hello!

In recent weeks, I've had a problem with networkmanager-openvpn not being able to save my VPN password, and asking for it over and over again.

A few days ago, version 1.10.2-2 solved the problem; but yesterday, version 1.10.2-3 caused a regression, and I can't connect to my VPN via NetworkManager again.

According to this page, the only difference between versions 1.10.2-2 and 1.10.2-3 is this commit, which removes a fix for data-ciphers.

However, in my case, this fix seems essential for NetworkManager to remember my VPN password.

So for the time being, I've downgraded my package to version 1.10-2-2.

But is there anything I could do to solve the problem in the long term?

Thanks in advance for your help!

Edit: I forgot to mention that my VPN is Mullvad; I import the config files provided by Mullvad into NetworkManager following the method described on this page (part "Ubuntu - using NetworkManager").

Last edited by LithoUser (2023-06-19 14:07:19)

sammiev · 2023-06-09 11:19:37

Make sure the password field is set to "Store the password for all users".

LithoUser · 2023-06-09 15:47:09

It is, and it has always been.

But I've posted in the wrong section; could someone move the post to the correct section, please?

sammiev · 2023-06-10 16:17:59

It defaults for "Store the password only for this user"
I had to change it to "Store the password for all user" for it to save the password.
Best of luck.

LithoUser · 2023-06-11 07:58:41

Yes I know. As I said, I've set it to "Store for all users" a long time ago.

I'll repost in the right section.

Thanks for your time trying to help me!

WorMzy · 2023-06-11 08:26:22

Mod note: moving to Networking

LithoUser · 2023-06-13 13:43:53

My problem seems *very* strange: NetworkManager asks for the VPN password, but even when I enter it, it refuses to establish the connection, and asks for the password again.

What's more, the password is already pre-filled inside the window in which NetworkManager asks for a password!

Could someone help me to diagnose this problem? Thank you very much for any help!

ewaller · 2023-06-13 14:14:00

Honestly, it sounds like you are using the wrong password. Can you disable NetworkManager and connect with wpa_supplicant from a cli?

Any chance you have multiple things controlling your network? (post the output od find /etc/systemd/system )

LithoUser · 2023-06-13 19:51:38

Thanks for your answer!

ewaller wrote:

Honestly, it sounds like you are using the wrong password.

Not possible: the password is "m" (as explained here).

ewaller wrote:

Can you disable NetworkManager and connect with wpa_supplicant from a cli?

Isn't there a misunderstanding? Sorry if it's the case: my Internet works fine; NetworkManager keeps asking for my VPN password, and can't connect to my VPN server (using Mullvad config files). Should I still try this? I'm note 100% sure of what you mean...

ewaller wrote:

Any chance you have multiple things controlling your network? (post the output od find /etc/systemd/system )

Mmmm... I don't think so, but here it is:

$ find /etc/systemd/system
/etc/systemd/system
/etc/systemd/system/multi-user.target.wants
/etc/systemd/system/multi-user.target.wants/NetworkManager.service
/etc/systemd/system/multi-user.target.wants/pipemenu-startup-commands.service
/etc/systemd/system/multi-user.target.wants/smb.service
/etc/systemd/system/multi-user.target.wants/cups.path
/etc/systemd/system/multi-user.target.wants/remote-fs.target
/etc/systemd/system/multi-user.target.wants/org.cups.cupsd.path
/etc/systemd/system/multi-user.target.wants/ufw.service
/etc/systemd/system/pipemenu-startup-commands.service
/etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service
/etc/systemd/system/timers.target.wants
/etc/systemd/system/timers.target.wants/fstrim.timer
/etc/systemd/system/getty.target.wants
/etc/systemd/system/getty.target.wants/getty@tty1.service
/etc/systemd/system/printer.target.wants
/etc/systemd/system/printer.target.wants/org.cups.cupsd.service
/etc/systemd/system/printer.target.wants/cups.service
/etc/systemd/system/sockets.target.wants
/etc/systemd/system/sockets.target.wants/org.cups.cupsd.socket
/etc/systemd/system/sockets.target.wants/cups.socket
/etc/systemd/system/display-manager.service
/etc/systemd/system/network-online.target.wants
/etc/systemd/system/network-online.target.wants/NetworkManager-wait-online.service

ewaller · 2023-06-13 20:10:45

That looks fine. I may have missed this was VPN passwords in particular.

schard · 2023-06-13 20:14:50

I don't know why nobody has asked this yet, but what does the journal tell you?

LithoUser · 2023-06-14 05:41:10

It doesn't say much.

Each time I click on a VPN connection in NetworkManager, an "Authentication required" window appears, as shown in this image.

If I enter the password and click on "Activate", the journal says:

journalctl wrote:

nm-openvpn[16391]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

And after 2 or 3 seconds, NetworkManager asks for my VPN password again...

If I click on "Cancel", the journal says:

journalctl wrote:

NetworkManager[555]: <warn> [1686720366.9328] vpn[0x55d3675a5ea0,18316fe1-65ed-46b9-be25-0497881d04b0,"mullvad_nl_ams"]: secrets: failed to request VPN secrets #4: User canceled the secrets request.
nm-openvpn[16391]: ERROR: could not read Auth username/password/ok/string from management interface

LithoUser · 2023-06-17 04:57:21

It seems I haven't given enough information for someone to help me... What other information is needed to help solve this problem?

Failing that, is there another graphical connection manager (my wife doesn't use the command line at all) that would make it easy to connect to a VPN server? (And change servers, too).

Thank you for your help!

-thc · 2023-06-17 05:46:08

First please verify that the secrets are properly stored.

A: If you store the secrets for your user only

Install seahorse (Accessories/Passwords and Keys). Store the secrets via NetworkManagers connection editor.
Open seahorse and verify that the secrets are available.

B: If you store the secrets for all users

Store the secrets via NetworkManagers connection editor.

sudo cat /etc/NetworkManager/system-connections/CONNECTION_NAME.nmconnection

should now contain "[vpn-secrets]" and the stored secrets - yes - as plain text.

LithoUser · 2023-06-17 07:53:48

Yes, they're properly stored; "Store for all users" is checked.

$ sudo cat /etc/NetworkManager/system-connections/mullvad_nl_ams.nmconnection
[connection]
id=mullvad_nl_ams
uuid=18316fe1-65ed-46b9-be25-0497881d04b0
type=vpn
autoconnect=false
timestamp=1686460282
[vpn]
ca=/home/meme/.cert/nm-openvpn/mullvad_nl_ams-ca.pem
cipher=AES-256-CBC
connection-type=password
dev=tun
password-flags=0
ping=10
ping-restart=60
remote=nl-ams-ovpn-005.relays.mullvad.net:1195, nl-ams-ovpn-006.relays.mullvad.net:1195, nl-ams-ovpn-002.relays.mullvad.net:1195, nl-ams-ovpn-001.relays.mullvad.net:1195, nl-ams-ovpn-003.relays.mullvad.net:1195, nl-ams-ovpn-004.relays.mullvad.net:1195
remote-cert-tls=server
remote-random=yes
reneg-seconds=0
tls-cipher=TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA
tun-ipv6=yes
username=[edited: there is my username here]
service-type=org.freedesktop.NetworkManager.openvpn
[vpn-secrets]
password=m
[ipv4]
method=auto
[ipv6]
addr-gen-mode=stable-privacy
method=auto
[proxy]

Last edited by LithoUser (2023-06-17 07:56:00)

-thc · 2023-06-17 09:11:43

Yes - your password is stored correctly.

Maybe the re-query of the password is a symptom of a different (not password related) problem.

Unfortunately there seems to be no way to tell networkmanager-openvpn to raise the verbosity level of the openvpn process ("verb 3").
Raising the log level of NetworkManager itself doesn't help.

Further analyzing the problem would require either using openvpn manually (with the downloaded configuration) or using another platform (Android, OSX, Windoze).

I suspect the TLS negotiation failing - can you try the following:

In "Network Connections" > mullvad... > edit > VPN > Advanced > TLS Authentication

- Empty the field "TLS cipher string"
- Set "TLS min version" to "1.3" and check "or highest"

Does this change the behavior?

LithoUser · 2023-06-17 12:56:53

Thank you so much for helping me!

-thc wrote:

Further analyzing the problem would require either using openvpn manually (with the downloaded configuration) or using another platform (Android, OSX, Windoze).

For the moment, I use openvpn directly from the command line; it works fine, and there doesn't seem to be any error message; for example:

$ sudo openvpn mullvad_fr_par.conf
[sudo] password for meme:
2023-06-17 14:45:58 Note: option tun-ipv6 is ignored because modern operating systems do not need special IPv6 tun handling anymore.
2023-06-17 14:45:58 Note: Kernel support for ovpn-dco missing, disabling data channel offload.
2023-06-17 14:45:58 WARNING: file 'mullvad_userpass.txt' is group or others accessible
2023-06-17 14:45:58 OpenVPN 2.6.5 [git:makepkg/cbc9e0ce412e7b42+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO] built on Jun 13 2023
2023-06-17 14:45:58 library versions: OpenSSL 3.1.1 30 May 2023, LZO 2.10
2023-06-17 14:45:58 DCO version: N/A
2023-06-17 14:45:58 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2023-06-17 14:45:58 TCP/UDP: Preserving recently used remote address: [AF_INET]146.70.184.130:1197
2023-06-17 14:45:58 Socket Buffers: R=[212992->425984] S=[212992->425984]
2023-06-17 14:45:58 UDPv4 link local: (not bound)
2023-06-17 14:45:58 UDPv4 link remote: [AF_INET]146.70.184.130:1197
2023-06-17 14:45:58 TLS: Initial packet from [AF_INET]146.70.184.130:1197, sid=e63645df 40e0a2d8
2023-06-17 14:45:58 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2023-06-17 14:45:58 VERIFY OK: depth=2, C=SE, ST=Gotaland, L=Gothenburg, O=Amagicom AB, OU=Mullvad, CN=Mullvad Root CA v2, emailAddress=security@mullvad.net
2023-06-17 14:45:58 VERIFY OK: depth=1, C=SE, ST=Gotaland, O=Amagicom AB, OU=Mullvad, CN=Mullvad Intermediate CA v5, emailAddress=security@mullvad.net
2023-06-17 14:45:58 VERIFY KU OK
2023-06-17 14:45:58 Validating certificate extended key usage
2023-06-17 14:45:58 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2023-06-17 14:45:58 VERIFY EKU OK
2023-06-17 14:45:58 VERIFY OK: depth=0, C=SE, ST=Gotaland, O=Amagicom AB, OU=Mullvad, CN=fr-par-ovpn-101.mullvad.net, emailAddress=security@mullvad.net
2023-06-17 14:45:58 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, peer certificate: 4096 bit RSA, signature: RSA-SHA256
2023-06-17 14:45:58 [fr-par-ovpn-101.mullvad.net] Peer Connection Initiated with [AF_INET]146.70.184.130:1197
2023-06-17 14:45:58 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2023-06-17 14:45:58 TLS: tls_multi_process: initial untrusted session promoted to trusted
2023-06-17 14:45:59 SENT CONTROL [fr-par-ovpn-101.mullvad.net]: 'PUSH_REQUEST' (status=1)
2023-06-17 14:46:00 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 10.11.0.1,redirect-gateway def1 bypass-dhcp,route-ipv6 0000::/2,route-ipv6 4000::/2,route-ipv6 8000::/2,route-ipv6 C000::/2,route-gateway 10.11.0.1,topology subnet,socket-flags TCP_NODELAY,ifconfig-ipv6 fdda:d0d0:cafe:1197::1000/64 fdda:d0d0:cafe:1197::,ifconfig 10.11.0.2 255.255.0.0,peer-id 0,cipher AES-256-GCM,protocol-flags cc-exit tls-ekm dyn-tls-crypt,tun-mtu 1500'
2023-06-17 14:46:00 OPTIONS IMPORT: --socket-flags option modified
2023-06-17 14:46:00 NOTE: setsockopt TCP_NODELAY=1 failed
2023-06-17 14:46:00 OPTIONS IMPORT: --ifconfig/up options modified
2023-06-17 14:46:00 OPTIONS IMPORT: route options modified
2023-06-17 14:46:00 OPTIONS IMPORT: route-related options modified
2023-06-17 14:46:00 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2023-06-17 14:46:00 OPTIONS IMPORT: tun-mtu set to 1500
2023-06-17 14:46:00 net_route_v4_best_gw query: dst 0.0.0.0
2023-06-17 14:46:00 net_route_v4_best_gw result: via 192.168.1.1 dev enp2s0
2023-06-17 14:46:00 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=enp2s0 HWADDR=e0:cb:4e:d5:86:0c
2023-06-17 14:46:00 GDG6: remote_host_ipv6=n/a
2023-06-17 14:46:00 net_route_v6_best_gw query: dst ::
2023-06-17 14:46:00 sitnl_send: rtnl: generic error (-101): Network is unreachable
2023-06-17 14:46:00 ROUTE6: default_gateway=UNDEF
2023-06-17 14:46:00 TUN/TAP device tun0 opened
2023-06-17 14:46:00 net_iface_mtu_set: mtu 1500 for tun0
2023-06-17 14:46:00 net_iface_up: set tun0 up
2023-06-17 14:46:00 net_addr_v4_add: 10.11.0.2/16 dev tun0
2023-06-17 14:46:00 net_iface_mtu_set: mtu 1500 for tun0
2023-06-17 14:46:00 net_iface_up: set tun0 up
2023-06-17 14:46:00 net_addr_v6_add: fdda:d0d0:cafe:1197::1000/64 dev tun0
2023-06-17 14:46:00 /etc/openvpn/update-resolv-conf tun0 1500 0 10.11.0.2 255.255.0.0 init
dhcp-option DNS 10.11.0.1
2023-06-17 14:46:00 net_route_v4_add: 146.70.184.130/32 via 192.168.1.1 dev [NULL] table 0 metric -1
2023-06-17 14:46:00 net_route_v4_add: 0.0.0.0/1 via 10.11.0.1 dev [NULL] table 0 metric -1
2023-06-17 14:46:00 net_route_v4_add: 128.0.0.0/1 via 10.11.0.1 dev [NULL] table 0 metric -1
2023-06-17 14:46:00 add_route_ipv6(::/2 -> fdda:d0d0:cafe:1197:: metric -1) dev tun0
2023-06-17 14:46:00 net_route_v6_add: ::/2 via :: dev tun0 table 0 metric -1
2023-06-17 14:46:00 add_route_ipv6(4000::/2 -> fdda:d0d0:cafe:1197:: metric -1) dev tun0
2023-06-17 14:46:00 net_route_v6_add: 4000::/2 via :: dev tun0 table 0 metric -1
2023-06-17 14:46:00 add_route_ipv6(8000::/2 -> fdda:d0d0:cafe:1197:: metric -1) dev tun0
2023-06-17 14:46:00 net_route_v6_add: 8000::/2 via :: dev tun0 table 0 metric -1
2023-06-17 14:46:00 add_route_ipv6(c000::/2 -> fdda:d0d0:cafe:1197:: metric -1) dev tun0
2023-06-17 14:46:00 net_route_v6_add: c000::/2 via :: dev tun0 table 0 metric -1
2023-06-17 14:46:00 Initialization Sequence Completed
2023-06-17 14:46:00 Data Channel: cipher 'AES-256-GCM', peer-id: 0
2023-06-17 14:46:00 Timers: ping 10, ping-restart 60
2023-06-17 14:46:00 Protocol options: protocol-flags cc-exit tls-ekm dyn-tls-crypt

-thc wrote:

In "Network Connections" > mullvad... > edit > VPN > Advanced > TLS Authentication

I don't see any "Advanced" button; you mean in nm-connection-editor, right? I edit the mullvad connection, but there's no "Advanced" button in the "VPN" tab.

For the record, I don't use any desktop environment; I use Openbox with the packages I need. Maybe something's missing?

Last edited by LithoUser (2023-06-17 12:57:52)

ewaller · 2023-06-17 15:32:44

I circled back around to this thread this morning to offer some suggestions that we look at the passwords stored in /etc/NetworkManager, but found I am a day late and a dollar short.
So, it has been established that the passwords are being stored.
I do question the lack of password strength and wonder if something in the mix does not care for a one character password; except this has all worked in the past.

At this point, you are using Mullvad through OpenVPN on NetworkManager using Certs provided by Mullvad.
It has been established that the password is indeed being stored.
The link you provided in your update to your first post details a method to connect using OpenVPN as a service as well. I assume that is what you mean when it works from the command line?

You might also check whether Mullvad has newer certs and, if so, reconfigure to use the new certs.

Also, this was interesting:

2023-06-17 14:45:58 WARNING: file 'mullvad_userpass.txt' is group or others accessible

There may be other places where passwords are being stored. And it seems to be protected by a group. You may want to find that file, check its permissions and ensure NetworkManager has access.

LithoUser · 2023-06-17 16:39:21

ewaller wrote:

I do question the lack of password strength

Unfortunately, it's the password given by Mullvad for all its config files; I can't modify it.

ewaller wrote:

The link you provided in your update to your first post details a method to connect using OpenVPN as a service as well. I assume that is what you mean when it works from the command line?

Yes, that's exactly what I mean. On the top of the page, the part "Ubuntu / Debian - using the terminal".

ewaller wrote:

You might also check whether Mullvad has newer certs and, if so, reconfigure to use the new certs.

Done. I've deleted the connections from NetworkManager, then downloaded new config files from Mullvad and I've imported them once again into NetworkManager; unfortunately, the result is the same.

ewaller wrote:

There may be other places where passwords are being stored. And it seems to be protected by a group. You may want to find that file, check its permissions and ensure NetworkManager has access.

Here, I'm not sure I can explain myself clearly (sorry for my bad English): I simply downloaded and unzipped (in my /home/meme folder) the Mullvad configuration file to test directly with OpenVPN from my current user account (cf. my post above: "sudo openvpn mullvad_en_par.conf").
So the permissions are:

$ ls -l mullvad_userpass.txt
-rw-r--r-- 1 meme users 19 16 may 16:46 mullvad_userpass.txt

-thc · 2023-06-18 05:53:44

LithoUser wrote:

for example:
$ sudo openvpn mullvad_fr_par.conf
[...]
2023-06-17 14:45:58 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, peer certificate: 4096 bit RSA, signature: RSA-SHA256
[...]
2023-06-17 14:46:00 Protocol options: protocol-flags cc-exit tls-ekm dyn-tls-crypt

Is there a special reason why you imported "mullvad_nl_ams" (supposedly Amsterdam) into NetworkManager and are using "mullvad_fr_par" (supposedly Paris) from the command line? Have you tried Amsterdam via command line? Have those configurations the same "age"?

LithoUser wrote:

I don't see any "Advanced" button; you mean in nm-connection-editor, right? I edit the mullvad connection, but there's no "Advanced" button in the "VPN" tab.
For the record, I don't use any desktop environment; I use Openbox with the packages I need. Maybe something's missing?

nm-connection-editor has a VPN/"Advanced" button - sometimes you have to scroll down or vertically expand the window to "reach" it.

LithoUser · 2023-06-19 05:59:29

-thc wrote:

Is there a special reason why you imported "mullvad_nl_ams" (supposedly Amsterdam) into NetworkManager and are using "mullvad_fr_par" (supposedly Paris) from the command line?

These are just examples; I've created many connections, since I wanted to test different servers, in different locations. The result is always the same, whatever server I use: it always works on the command line, but never with NetworkManager.

-thc wrote:

nm-connection-editor has a VPN/"Advanced" button - sometimes you have to scroll down or vertically expand the window to "reach" it.

Pfff... Of course, sorry for that.

-thc wrote:

I suspect the TLS negotiation failing - can you try the following:
In "Network Connections" > mullvad... > edit > VPN > Advanced > TLS Authentication
- Empty the field "TLS cipher string"
- Set "TLS min version" to "1.3" and check "or highest"

Unfortunately, the result is the same. journalctl just says:

journalctl wrote:

nm-openvpn[123163]: ERROR: could not read Auth username/password/ok/string from management interface

-thc · 2023-06-19 11:59:22

O.K. - it wasn't a TLS mismatch then.

Maybe it's the symmetric cipher? The commit mentioned first also hints in this direction.

Under the advanced VPN config > Security, try choosing the cipher "AES-256-GCM" explicitly.

LithoUser · 2023-06-19 14:06:59

Yes! That was the problem.

Thank you *very* much for all the help! I'd never have found it!

-thc · 2023-06-19 14:23:16

Cool. You're welcome.

Arch Linux

#1 2023-06-09 06:13:45

[SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

#2 2023-06-09 11:19:37

Re: [SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

#3 2023-06-09 15:47:09

Re: [SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

#4 2023-06-10 16:17:59

Re: [SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

#5 2023-06-11 07:58:41

Re: [SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

#6 2023-06-11 08:26:22

Re: [SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

#7 2023-06-13 13:43:53

Re: [SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

#8 2023-06-13 14:14:00

Re: [SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

#9 2023-06-13 19:51:38

Re: [SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

#10 2023-06-13 20:10:45

Re: [SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

#11 2023-06-13 20:14:50

Re: [SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

#12 2023-06-14 05:41:10

Re: [SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

#13 2023-06-17 04:57:21

Re: [SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

#14 2023-06-17 05:46:08

Re: [SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

#15 2023-06-17 07:53:48

Re: [SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

#16 2023-06-17 09:11:43

Re: [SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

#17 2023-06-17 12:56:53

Re: [SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

#18 2023-06-17 15:32:44

Re: [SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

#19 2023-06-17 16:39:21

Re: [SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

#20 2023-06-18 05:53:44

Re: [SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

#21 2023-06-19 05:59:29

Re: [SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

#22 2023-06-19 11:59:22

Re: [SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

#23 2023-06-19 14:06:59

Re: [SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

#24 2023-06-19 14:23:16

Re: [SOLVED] networkmanager-openvpn 1.10.2-3: can't save my VPN password

Board footer