Connexion OpenVPN avec Archer MR600 et NetworkManager

Page principale

Répondre à ce message
Auteur: Patrice Karatchentzeff
Date:  
À: GUILDE
Sujet: Connexion OpenVPN avec Archer MR600 et NetworkManager
Salut

Bonne année à tous :)

Je cherche à connecter un Archer MR600 avec Network-manager... sans succès.

J'ai configuré OpenVPN sur le MR600, ce qui consiste seulement à
l'activer. J'ai ajouté l'autorisation de connexion depuis Internet et
j'ai pris un domaine chez TPLink en guise d'IP fixe. Le routeur est un
4G connecté via une carte SIM.

J'ai extrait automatiquement la configuration du client de l'interface
du MR600 que j'ai chargé dans Network-manager qui semble l'avaler sans
souci. Quand je tente de me connecter, j'ai dans les logs :


Jan 1 08:49:32 XX NetworkManager[1079]: <info> [1672559372.2516]
audit: op="connection-add" uuid="563d8f6c-3ad2-42ad-858a-48c560683a51"
name="client" pid=629461 uid=1000 result="success"
Jan 1 08:49:40 XX NetworkManager[1079]: <info> [1672559380.7078]
audit: op="connection-activate"
uuid="563d8f6c-3ad2-42ad-858a-48c560683a51" name="client" pid=1993
uid=1000 result="success"
Jan 1 08:49:40 XX NetworkManager[1079]: <info> [1672559380.7121]
vpn-connection[0x559f1af884d0,563d8f6c-3ad2-42ad-858a-48c560683a51,"client",0]:
Started the VPN service, PID 629709
Jan 1 08:49:40 XX NetworkManager[1079]: <info> [1672559380.7187]
vpn-connection[0x559f1af884d0,563d8f6c-3ad2-42ad-858a-48c560683a51,"client",0]:
Saw the service appear; activating connection
Jan 1 08:49:40 XX NetworkManager[1079]: <info> [1672559380.7366]
vpn-connection[0x559f1af884d0,563d8f6c-3ad2-42ad-858a-48c560683a51,"client",0]:
VPN plugin: state changed: starting (3)
Jan 1 08:49:40 XX NetworkManager[1079]: <info> [1672559380.7367]
vpn-connection[0x559f1af884d0,563d8f6c-3ad2-42ad-858a-48c560683a51,"client",0]:
VPN connection: (ConnectInteractive) reply received
Jan 1 08:49:40 XX nm-openvpn[629713]: OpenVPN 2.4.7
x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11]
[MH/PKTINFO] [AEAD] built on Mar 22 2022
Jan 1 08:49:40 XX nm-openvpn[629713]: library versions: OpenSSL
1.1.1f 31 Mar 2020, LZO 2.10
Jan 1 08:49:40 XX nm-openvpn[629713]: WARNING: No server certificate
verification method has been enabled. See
http://openvpn.net/howto.html#mitm for more info.
Jan 1 08:49:40 XX nm-openvpn[629713]: NOTE: the current
--script-security setting may allow this configuration to call
user-defined scripts
Jan 1 08:49:41 XX nm-openvpn[629713]: TCP/UDP: Preserving recently
used remote address: [AF_INET]YY:1194
Jan 1 08:49:41 XX nm-openvpn[629713]: Attempting to establish TCP
connection with [AF_INET]YY:1194 [nonblock]
Jan 1 08:49:49 XX systemd[1]: systemd-hostnamed.service: Succeeded.
Jan 1 08:50:40 XX NetworkManager[1079]: <warn> [1672559440.7414]
vpn-connection[0x559f1af884d0,563d8f6c-3ad2-42ad-858a-48c560683a51,"client",0]:
VPN connection: connect timeout exceeded.
Jan 1 08:50:40 XX nm-openvpn-serv[629709]: Connect timer expired,
disconnecting.
Jan 1 08:50:40 XX nm-openvpn[629713]: NOTE: chroot will be delayed
because of --client, --pull, or --up-delay
Jan 1 08:50:40 XX nm-openvpn[629713]: NOTE: UID/GID downgrade will be
delayed because of --client, --pull, or --up-delay
Jan 1 08:50:40 XX nm-openvpn[629713]: SIGTERM[hard,init_instance]
received, process exiting
Jan 1 08:50:40 XX NetworkManager[1079]: <warn> [1672559440.7471]
vpn-connection[0x559f1af884d0,563d8f6c-3ad2-42ad-858a-48c560683a51,"client",0]:
VPN plugin: failed: connect-failed (1)
Jan 1 08:50:40 XX NetworkManager[1079]: <info> [1672559440.7473]
vpn-connection[0x559f1af884d0,563d8f6c-3ad2-42ad-858a-48c560683a51,"client",0]:
VPN plugin: state changed: stopping (5)
Jan 1 08:50:40 XX NetworkManager[1079]: <info> [1672559440.7475]
vpn-connection[0x559f1af884d0,563d8f6c-3ad2-42ad-858a-48c560683a51,"client",0]:
VPN plugin: state changed: stopped (6)
Jan 1 08:50:40 XX org.mate.panel.applet.MintMenuAppletFactory[2675]:
"No such interface “org.freedesktop.DBus.Properties” on object at path
/org/freedesktop/NetworkManager/ActiveConnection/105"

C'est à la fois très bavard, mais n'indique rien de pertinent. Le seul
avertissement est pour dire que mon certificat n'est pas payant, mais
bon, cela ne m'avance pas beaucoup...

Une idée où creuser ?

Merci d'avance,

PK


-- 
      |\      _,,,---,,_           Patrice KARATCHENTZEFF
ZZZzz /,`.-'`'    -.  ;-;;,_   mailto:patrice.karatchentzeff@gmail.com
     |,4-  ) )-,_. ,\ (  `'-'
    '---''(_/--'  `-'\_)