Network manager linux ��������� vpn

Как настроить VPN через Network Manager?

По теме не знаю, но хочу на всякий случай предупредить — у меня при настройке VPN с NetworkManager получалась такая ситуация, что часть сайтов открывалась через VPN, а часть — напрямую. Наверное, баг. Не знаю, закрыт-ли сейчас.

Соединения VPN — Настроить VPN — Добавить — Импортировать сохраненные параметры VPN и указывал *.ovpn

часть сайтов открывалась через VPN, а часть — напрямую

У меня просто соединение не устанавливается, совсем

Я понял, я просто счёл своим долгом предупредить, что если настроишь — возможен такой баг. Чтобы ты где-нибудь случайно не спалил свой ipшник.

глючи интегрированы в конфиг или отдельно лежат?

глючи интегрированы в конфиг или отдельно лежат?

А ты как думаешь? 🙂

чтобы ты где-нибудь случайно не спалил свой ipшник

Это же Антизапрет, там и так через него идут только заблокированные сайты. Мне бы чтоб заработало

А, прошу прощения, не обратил внимание.

. но я про оригинальный конфиг. А спрашиваю потому что иногда (из замеченного мной) не импортируются глючи, которые лежат в отличной от конфига мамк^Wдиректории.

Но СетевойВредитель может и тут какую-то свою фишку подбросить

Все в одной директории. Пробовал и *.ovpn с интегрированными ключами — один хрен

где-то какие-нибудь логи посмотреть можно?

Хороший вопрос. Но не ко мне. А, вообще, если есть systemd — то в journal. Иначе — в syslog.

настраивать vpn надо через nmcli как и bridge, через гуй шиш.http://askubuntu.com/questions/57339/connect-disconnect-from-vpn-from-the-command-line

настраивать vpn надо через nmcli как и bridge, через гуй шиш

Удивительно, почему у меня тогда амазоновский впн работает через NM.

я говор как у меня было на федоре.

кого волнует как лично у тебя было на федоре? У тебя могло не работать совершенно по иным причинам, которые ты не выяснил

Вместо импортирования конфига можно попробовать настроить вручную, может быть из конфига не все необходимое подтягивается. Ну и логи хотелось бы увидеть

мы тогда сидели с игнотенко, и он сам сказал, что это проблемы нетворк-менеджера, и через гуй не пашет, надо использовать консольную утилиту.

игнотенко это разработчик network-manager?

это разработчик федоры.

только вот у ТС — убунта, упс 🙂

только вот нетворк менеджер пилит rhel

прям вот только RH и пилит, ага. Не надоело тебе еще чушь нести?

Пока ТС логи не покажет — ванговать нет смысла

конфиг сервера показать можешь?

Какого сервера? Это Антизапрет

А что? OpenVPN под Андроид вообще мне пишет

DEPRECATED OPTION: —max-routes option ignored.The number of routes is unlimited as of version 2.4. This option will be removed in a future version, please remove it from your configuration.

Но работает, в отличие от

понятно, этот вопрос снимается. В настройках NM есть возможность включить более подробное логгирование для openvpn?

The number of routes is unlimited as of version 2.4.

Jun 3 13:47:55 slava-virtual-machine nm-openvpn[4358]: OpenVPN 2.3.2

Но напрямую же работает, из консоли, без NM

Я о том, что после того, как убрал max-routes, не сломалось ли «обычное» подключение?
Вообще хрен его знает, что там в логи пишется, может это вообще версия сервера.
Верни и увеличь, короче.

Сломалось))
Сейчас попробую вернуть и увеличить)

Вернул. Увеличил в 10 раз. Та же шляпа. Там кстати не 100, а 10000 было.. Откуда NM берет цифру 100?

Ну вот видимо берет откуда-то. Надо сырцы курить.

for a workaround, do not use network-manager-openvpn

Как говорится, это опенсорс, детка, тут тебе никто ничего не ПИШЕТ НОРМАЛЬНО ВСЕ ЧЕРЕЗ ЖОПУ ОТОВСЮДУ ТОРЧАТ РЖАВЫЕ ГВОЗДИ НИКОГДА НИЧЕГО НЕ РАБОТАЕТ КАК ПОЛОЖЕНО ГЛАЗА КАК ПОМИДОРЫ УЖЕ ЛИНУКС НЕ ГОТОВ.

А я и не в претензии)
Знал куда суюсь)

Да, не заработает. Либо патчите плагин NetworkManager, чтобы он выставлял max-routes, либо собирайте OpenVPN 2.4 из гита.

Источник

Ubuntu Documentation

Network Manager

Network Manager aims for Network Connectivity which «Just Works». The computer should use the wired network connection when it’s plugged in, but automatically switch to a wireless connection when the user unplugs it and walks away from the desk. Likewise, when the user plugs the computer back in, the computer should switch back to the wired connection. The user should, most times, not even notice that their connection has been managed for them; they should simply see uninterrupted network connectivity.

More information about Network Manager is available in Gnome website and wiki .

Installation

NetworkManager should be installed by default on Ubuntu Desktop installs, as well as most flavours of Ubuntu.

To install NetworkManager:

To install the GNOME applet / indicator:

VPN support

Network Manager VPN support is based on a plug-in system. If you need VPN support via network manager you have to install one of the following packages:

The network-manager-pptp plugin is installed by default.

On GNOME, you also need to install the -gnome packages for the VPN plugin you choose:

Start

The steps to start NetworkManager depend on which of the initialization subsystems are running: Upstart or Systemd.

Using Upstart

Start network manager

Using Systemd

Systemd became the default initialization system in Ubuntu 15.04. Here’s how to start Network Manager and enable it to be restarted after a reboot:

Start network manager

Enable restarting the network manager when the system reboots

NM-applet Overview

The network-manager or the nm-applet is the one which is found in the systray. The icon of two computers, one below to the other on the left-side.

Clicking on NM-applet will give you the types of connection/hardware you have available.

For e.g. if you have a wired connection clicking on it will give you something like: Wired Network (D-Link System RTL-8139/8139C/8139C+ Auto eth1

Now let’s break down what such a notification would mean.

a. Wired/Wireless/Mobile Broadband/VPN/DSL — the interface/hardware you have.

b. (D-Link System RTL-8139/8139C/8139C+ :- the chipset which enables the connection to be made.

c. Auto/Manual eth1 :- If the connection is has been made automatically or generated through the system settings or/and done manually. Any one connection can only have only of the states not both. The eth1 is just a name to make it easier for the user to know which way he’s connected through to the network/Internet.

Right-click Options

Right-clicking on the applet will give you the following options

a. A checkbox saying Enable Networking or not.

b. Connection Information: Giving info. on the same below.

c. Edit Connections: This is the NM-connections editor which we will talk about a little later.

d. About: Which gives the status of current version of network-manager installed and a link to the upstream network-manager site.

Connection Information

• This figure is shown right-clicking on the nm-applet and then clicking on the blue (i) Connection information option in the drop-down menu of nm-applet. It gives information about the interface being used, the MAC or Hardware Address of the device, what driver is being used to do the networking, at what speed is the network card capable of communicating, any security protocols used.

Then there is some distance and information regarding how the actual connection is set up in terms of the IP Address taken/given, the IP Address at which its broadcasting its presence to others, the Subnet Mask used and lastly the DNS address.

NM-connections editor

The NM-connections editor is where the user can edit and create the various connection types. To invoke the nm-connections editor you need to right-click on the nm-applet and then click on Edit Connections. Clicking on that option would result in a tabbed window called network connections having different ways to connect to the network/Internet.

Connection Types

Wired connections

This type of connection is one where you are connecting to the Internet through an Ethernet connection to some router/modem.

Wireless

This type of connection is one where one is connected to the Internet through a wireless card & base-station combo.

Mobile Broadband

This type of connection is similar to wireless, the only difference would be the hardware. Its normally based on a high-speed portable wireless card which may follow GPRS, 3G, WiMAX, UMTS/HSPA or/and EV-DO standards.

This type of connection is usually used by corporates to connect to their workplace via the internet or by universities to make special services available to their students and staff. Currently no more than one VPN connection at a time is supported (see here). The VPN packages are not installed by default. See VPN for how to do that.

This type of connection is when one is transferring data over the public telephone network (also known as POTS). Need some type of XDSL modem (ADSL is common type of connection).

Creating/Modifying a User connection

Hint: Making any change to an existing wired connection will only be applied after you finish editing and then left-click the connection name (left-click the Network Manager icon to access the list of connections) or by rebooting your system. Changes will also be automatically applied if your change the Connection name of a connection.

So how do we add or modify a user connection. Let’s start by adding a user connection. So we do the following steps:

a. Invoke nm-connection-editor by right-clicking on network-manager icon, clicking on Edit Connections which brings up the network-connections having various options to connect to the local network or/and the Internet.

b. Choose one of the options depending on the hardware and the way the connection is set up. We would be looking at all the 5 options in the network connections one by one as to what information needs to be filled up.

Adding Wired connections

Wired Tab

For this one needs to click on the Add button after selecting the Wired tab in Network Connections as shown above.

Clicking on that tab would bring you to another box having three tabs, i.e. Wired, 802.1x and lastly IPv4 settings.

At the top one needs to give some name to the connection, by default it is showing as Wired Connection 1. You can either use that or make it something which is recognizable and easily remembered by you.

A little distance below there are two options with check-boxes just next to them. The first option asks whether you want network-manager to connect automatically or not. Clicking on that would make network-manager automatically try to resolve or making that connection happen for you.

The second one says System Settings. Systems settings are an option so one can configure connections system-wide, so they get enabled without you being logged in. This was not possible to do before 0.7.

Just below that is the wired tab. The Wired tab has a field called «MAC address». The MAC (Media Access Control) address is a unique identifier for the Ethernet card/Network Interface card. The MAC address is written in the form of a set of 6 grouped hexadecimal digits, e.g. 01:23:45:67:89:AB.

To find out your MAC address you can run:

You will get something like this:

802.1x security

This tab is for secure communications where one wants to have port-based authentication using some authentication server. After checking the box to use 802.1x security for the connection you have to choose which authenticated protocol to use from TLS, Tunneled TLS or Protected EAP. Would also need to give some identity as well as choose a user or/and some certifying authority’s certificate. You would also need to give your private key particulars as well as a Private Key password. You may choose or not to show the password.

IPv4 Settings

This is the last but perhaps the most interesting tab in the Wired Networking tab, where one has various options of connecting:

a. Automatic (DHCP)
b. Automatic (DHCP Addresses only)
c. Manual
d. Link-local only and lastly
e. Shared to other computers

User Settings and System Settings

All the connection configuration files will be stored here.

User settings are defined as files in those directories that include specific access controls to limit the access to a specific user.

Issues

If it is not managing your network connections, you’ll need to comment out the references to all interfaces (except lo) in /etc/network/interfaces to let Network Manager handle them.

It should look similar to this when you are done:

Then reboot and you should be good to go!

Stopping and Disabling NetworkManager

The steps to disable NetworkManager depend on which of the initialization subsystems are running: Upstart or Systemd.

Using Upstart

According to this bug here’s how to disable Network Manager without uninstalling it:

Stop network manager

Create an override file for the Upstart job:

Using Systemd

Systemd became the default initialization system in Ubuntu 15.04. Here’s how to stop and disable Network Manager without uninstalling it (taken from AskUbuntu):

Stop network manager

Disable network manager (permanently) to avoid it restarting after a reboot

Editing Network Settings in nm-connection-editor

Nm-connection-editor is the configuration applet that provides easy access to advanced network settings and allows greater configuration options through a simple interface. To access nm-connection-editor, right-click on the network icon in the notification area and select Edit Connections.

Changing a network’s encryption key

Nm-connection-editor enables you to easily update a network’s encryption key by displaying the current key for each network and giving you the option of displaying it in clear text while you edit.

Ensuring connection to particular access points

You can specify a particular BSSID directly in nm-connection-editor. This means that in a wireless network with more than one access point, you can choose the one NetworkManager will connect to.

Using NetworkManager on the command line

NetworkManager now ships with nmcli, a simple interface to allow users to connect to particular networks, and even create connections to new wireless networks they have never connected to:

Provides all the information about how to use the nmcli utility.

Источник