Arch Linux

gcb

Member

Registered: 2014-02-12

Posts: 120

Issues with Network Manager auto-connection to VPN

I am evaluating a setup that we had via systemd files to be setup via end user GUI (kde nm frontent). The plan is to require vpn when user connects to random new wifi networks.

For now i'm just evaluating setting up everything manually, not even dealing with changing the "template" yet.

Everything seems to be working fine, except for one little detail. KDE allows to enable auto "Automatically connect to VPN" when setting up wifi networks. If I set this up, the wifi never connects (connect disconnect loop), and i see in the logs:

```
auto-activation failed: The connection is not a VPN
```

There is nothing around this that indicates anything is wrong. Before this is the messages about the wifi connection, ip, dns etc... then this message and disconnect messages. Nothing indicating it failed to get an IP in time etc. The connect-disconnect is almost instantaneous.

If I disable the "Automatically connect to VPN" and manually connect to the wifi and then to the wireguard profile, it works fine.

What is causing this log message? What is deciding it "is not a VPN"?

00:31:58 wpa_supplicant[890]: wlp1s0: WPA: Key negotiation completed with ac:ac:c0:80:80:80 [PTK=CCMP GTK=CCMP]
00:31:58 wpa_supplicant[890]: wlp1s0: CTRL-EVENT-CONNECTED - Connection to ac:ac:c0:80:80:80 completed [id=0 id_str=]
00:31:58 NetworkManager[825]: <info>  [1705401118.1614] device (wlp1s0): supplicant interface state: 4way_handshake -> completed
00:31:58 NetworkManager[825]: <info>  [1705401118.1614] device (wlp1s0): Activation: (wifi) Stage 2 of 5 (Device Configure) successful. Connected to wireless network "ZZZ80"
00:31:58 NetworkManager[825]: <info>  [1705401118.1616] device (wlp1s0): state change: config -> ip-config (reason 'none', sys-iface-state: 'managed')
00:31:58 NetworkManager[825]: <info>  [1705401118.1621] dhcp4 (wlp1s0): activation: beginning transaction (timeout in 45 seconds)
00:31:58 systemd[1]: NetworkManager-dispatcher.service: Deactivated successfully.
00:31:58 NetworkManager[825]: <info>  [1705401118.2652] dhcp4 (wlp1s0): state changed new lease, address=192.168.1.186
00:31:58 NetworkManager[825]: <info>  [1705401118.2656] policy: set 'ZZZ80' (wlp1s0) as default for IPv4 routing and DNS
00:31:58 NetworkManager[825]: <info>  [1705401118.2798] device (wlp1s0): state change: ip-config -> ip-check (reason 'none', sys-iface-state: 'managed')
00:31:58 wpa_supplicant[890]: wlp1s0: CTRL-EVENT-SIGNAL-CHANGE above=1 signal=-40 noise=-114 txrate=216000
00:31:58 systemd[1]: Starting Network Manager Script Dispatcher Service...
00:31:58 systemd[1]: Started Network Manager Script Dispatcher Service.
00:31:58 NetworkManager[825]: <info>  [1705401118.3257] device (wlp1s0): state change: ip-check -> secondaries (reason 'none', sys-iface-state: 'managed')
00:31:58 NetworkManager[825]: <warn>  [1705401118.3258] policy: secondary connection 'wg-za-jnb (e539fc13-6c50-4cf4-82f7-0b9d7ec5c403)' auto-activation failed: The connection is not a VPN
00:31:58 NetworkManager[825]: <info>  [1705401118.3258] device (wlp1s0): state change: secondaries -> failed (reason 'secondary-connection-failed', sys-iface-state: 'managed')
00:31:58 NetworkManager[825]: <info>  [1705401118.3260] manager: NetworkManager state is now DISCONNECTED
00:31:58 kernel: wlp1s0: deauthenticating from ac:ac:c0:80:80:80 by local choice (Reason: 3=DEAUTH_LEAVING)
00:31:58 wpa_supplicant[890]: wlp1s0: CTRL-EVENT-DISCONNECTED bssid=ac:ac:c0:80:80:80 reason=3 locally_generated=1
00:31:58 wpa_supplicant[890]: BSSID ac:ac:c0:80:80:80 ignore list count incremented to 2, ignoring for 10 seconds
00:31:58 NetworkManager[825]: <info>  [1705401118.4482] device (wlp1s0): set-hw-addr: set MAC address to 80:80:80:80:80:80 (scanning)
00:31:58 NetworkManager[825]: <warn>  [1705401118.5044] device (wlp1s0): Activation: failed for connection 'ZZZ80'

Last edited by gcb (2024-01-16 10:39:21)

-thc

Member

Registered: 2017-03-15

Posts: 502

Re: Issues with Network Manager auto-connection to VPN

AFAIK, NetworkManager considers WireGuard connections separate from "VPN connections" - which means (in my case) that this NM switch only lets me choose between my VPN connections (and not a WireGuard connection).

Last edited by -thc (2024-01-16 12:26:12)

gcb

Member

Registered: 2014-02-12

Posts: 120

Re: Issues with Network Manager auto-connection to VPN

AFAIK, NetworkManager considers WireGuard connections separate from "VPN connections" - which means (in my case) that this NM switch only lets me choose between my VPN connections (and not a WireGuard connection).

The "Automatically connect to VPN" have a dropdown where it filters my connection list by which i suppose is what it assumes is a VPN, and it shows all my wireguard ones there. Strange.

gcb

Member

Registered: 2014-02-12

Posts: 120

Re: Issues with Network Manager auto-connection to VPN

More time to look into this issue.

The source of the error is https://github.com/NetworkManager/Netwo … cy.c#L1934

There's already a bug filled on NetworkManager https://gitlab.freedesktop.org/NetworkM … ssues/1395

Last edited by gcb (2024-02-06 10:17:52)