https://bugzilla.novell.com/show_bug.cgi?id=350884 Summary: KNetworkManager: openvpn connection does not set up route correctly Product: openSUSE 10.3 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Network AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: uli.2001@gmx.de QAContact: qa@suse.de Found By: --- I use an openvpn connection that works fine with "rcopenvpn start", but there is a problem with KNetworkManager. /etc/openvpn/default.conf is as follows: client remote 134.76.83.44 5007 proto udp dev tun comp-lzo ca /home/ulrich/Documents/privat/cert/ucacert.pem cert /home/ulrich/Documents/privat/cert/uliPeopleCert.pem key /home/ulrich/Documents/privat/cert/uliPeopleKey.pem status /var/log/openvpn-status.log log-append /var/log/openvpn.log verb 4 Somehow (apparently not through the configuration file), this vpn connection is used only for a certain address range (the IPs of the institute that I am connecting to):

route -n Kernel IP Routentabelle Ziel Router Genmask Flags Metric Ref Use Iface 10.108.108.1 10.108.108.61 255.255.255.255 UGH 0 0 0 tun0 10.108.108.61 0.0.0.0 255.255.255.255 UH 0 0 0 tun0 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 134.76.82.0 10.108.108.61 255.255.255.0 UG 0 0 0 tun0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 192.168.2.1 0.0.0.0 UG 0 0 0 eth1

ifconfig eth0 Protokoll:Ethernet Hardware Adresse 00:15:58:7F:8C:A8 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 Sendewarteschlangenlänge:1000 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) Basisadresse:0x3000 Speicher:ee000000-ee020000

eth1 Protokoll:Ethernet Hardware Adresse 00:19:D2:06:C8:98 inet Adresse:192.168.2.101 Bcast:192.168.2.255 Maske:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:116505 errors:81 dropped:3226 overruns:0 frame:0 TX packets:76568 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 Sendewarteschlangenlänge:1000 RX bytes:247154871 (235.7 Mb) TX bytes:25566146 (24.3 Mb) Interrupt:22 Basisadresse:0xa000 Speicher:edf00000-edf00fff lo Protokoll:Lokale Schleife inet Adresse:127.0.0.1 Maske:255.0.0.0 inet6 Adresse: ::1/128 Gültigkeitsbereich:Maschine UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:4769 errors:0 dropped:0 overruns:0 frame:0 TX packets:4769 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 Sendewarteschlangenlänge:0 RX bytes:219065 (213.9 Kb) TX bytes:219065 (213.9 Kb) tun0 Protokoll:UNSPEC Hardware Adresse 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet Adresse:10.108.108.62 P-z-P:10.108.108.61 Maske:255.255.255.255 UP PUNKTZUPUNKT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:6 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 Sendewarteschlangenlänge:100 RX bytes:384 (384.0 b) TX bytes:0 (0.0 b) Now I tried to get the same connection using KNetworkManager. I filled out the configuration form as follows: Gateway: 134.76.83.44 Port: 5007 CA file, Certificate, Key: filenames as above On the optional information tab, I only activated "Use LZO compression". This results in:

route -n Kernel IP Routentabelle Ziel Router Genmask Flags Metric Ref Use Iface 134.76.83.44 192.168.2.1 255.255.255.255 UGH 0 0 0 eth1 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 tun0

ifconfig eth0 Protokoll:Ethernet Hardware Adresse 00:15:58:7F:8C:A8 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 Sendewarteschlangenlänge:1000 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) Basisadresse:0x3000 Speicher:ee000000-ee020000

eth1 Protokoll:Ethernet Hardware Adresse 00:19:D2:06:C8:98 inet Adresse:192.168.2.101 Bcast:192.168.2.255 Maske:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:116608 errors:81 dropped:3226 overruns:0 frame:0 TX packets:76671 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 Sendewarteschlangenlänge:1000 RX bytes:247168630 (235.7 Mb) TX bytes:25579715 (24.3 Mb) Interrupt:22 Basisadresse:0xa000 Speicher:edf00000-edf00fff lo Protokoll:Lokale Schleife inet Adresse:127.0.0.1 Maske:255.0.0.0 inet6 Adresse: ::1/128 Gültigkeitsbereich:Maschine UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:4778 errors:0 dropped:0 overruns:0 frame:0 TX packets:4778 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 Sendewarteschlangenlänge:0 RX bytes:219624 (214.4 Kb) TX bytes:219624 (214.4 Kb) tun0 Protokoll:UNSPEC Hardware Adresse 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet Adresse:10.108.108.62 P-z-P:10.108.108.61 Maske:255.255.255.255 UP PUNKTZUPUNKT RUNNING NOARP MULTICAST MTU:1412 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 Sendewarteschlangenlänge:100 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) Using a web browser, I can connect to the institute's website, but not to other website such as google.com (as this is supposed not to run through the vpn connection). I guess I could use the option "only use VPN connection for these adresses" in KNetworkManager's setup, and extract the required information from openvpn's route configuration listed above, but I would expect that I should not have to provide this information myself as openvpn seems to be able to obtain this information differently. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.