Hey Mike, Sorry for the ambiguity.
Both openconnect (7.06-2+b1) and network-manager (1.0.6-1) are from Sid. I'm heavily relying on APT Pinning and most of my packages are outside of stable/jessie. > Can you reproduce when NetworkManager is *not* running at all? No, if I stop network-manager, I will lose all connectivity and openconnect will fail to establish a connection. ------------------------- syslog: Sep 7 19:37:20 labs systemd[1]: Stopping Network Manager... Sep 7 19:37:20 labs NetworkManager[898]: <info> caught SIGTERM, shutting down normally. Sep 7 19:37:20 labs NetworkManager[898]: <info> (eth0): device state change: unavailable -> unmanaged (reason 'unmanaged') [20 10 3] Sep 7 19:37:20 labs kernel: [ 226.866163] e1000e: eth0 NIC Link is Down Sep 7 19:37:20 labs NetworkManager[898]: <info> (wlan0): device state change: activated -> deactivating (reason 'unmanaged') [100 110 3] Sep 7 19:37:20 labs NetworkManager[898]: <info> NetworkManager state is now DISCONNECTING Sep 7 19:37:20 labs NetworkManager[898]: <info> (wlan0): device state change: deactivating -> unmanaged (reason 'unmanaged') [110 10 3] Sep 7 19:37:20 labs NetworkManager[898]: <info> (wlan0): canceled DHCP transaction, DHCP client pid 1446 Sep 7 19:37:20 labs NetworkManager[898]: <info> (wlan0): DHCPv4 state changed bound -> done Sep 7 19:37:20 labs kernel: [ 226.890396] wlan0: deauthenticating from ac:22:0b:31:28:5c by local choice (Reason: 3=DEAUTH_LEAVING) Sep 7 19:37:20 labs wpa_supplicant[1297]: wlan0: CTRL-EVENT-DISCONNECTED bssid=ac:22:0b:31:28:5c reason=3 locally_generated=1 Sep 7 19:37:20 labs kernel: [ 226.965918] cfg80211: Calling CRDA to update world regulatory domain Sep 7 19:37:20 labs avahi-daemon[907]: Withdrawing address record for 192.168.192.62 on wlan0. Sep 7 19:37:20 labs avahi-daemon[907]: Leaving mDNS multicast group on interface wlan0.IPv4 with address 192.168.192.62. Sep 7 19:37:20 labs kernel: [ 226.970532] cfg80211: World regulatory domain updated: Sep 7 19:37:20 labs kernel: [ 226.970535] cfg80211: DFS Master region: unset Sep 7 19:37:20 labs kernel: [ 226.970536] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp), (dfs_cac_time) Sep 7 19:37:20 labs kernel: [ 226.970538] cfg80211: (2402000 KHz - 2472000 KHz @ 40000 KHz), (N/A, 2000 mBm), (N/A) Sep 7 19:37:20 labs kernel: [ 226.970540] cfg80211: (2457000 KHz - 2482000 KHz @ 40000 KHz), (N/A, 2000 mBm), (N/A) Sep 7 19:37:20 labs kernel: [ 226.970541] cfg80211: (2474000 KHz - 2494000 KHz @ 20000 KHz), (N/A, 2000 mBm), (N/A) Sep 7 19:37:20 labs kernel: [ 226.970542] cfg80211: (5170000 KHz - 5250000 KHz @ 80000 KHz, 160000 KHz AUTO), (N/A, 2000 mBm), (N/A) Sep 7 19:37:20 labs kernel: [ 226.970544] cfg80211: (5250000 KHz - 5330000 KHz @ 80000 KHz, 160000 KHz AUTO), (N/A, 2000 mBm), (0 s) Sep 7 19:37:20 labs kernel: [ 226.970545] cfg80211: (5490000 KHz - 5730000 KHz @ 160000 KHz), (N/A, 2000 mBm), (0 s) Sep 7 19:37:20 labs kernel: [ 226.970546] cfg80211: (5735000 KHz - 5835000 KHz @ 80000 KHz), (N/A, 2000 mBm), (N/A) Sep 7 19:37:20 labs kernel: [ 226.970547] cfg80211: (57240000 KHz - 63720000 KHz @ 2160000 KHz), (N/A, 0 mBm), (N/A) Sep 7 19:37:20 labs avahi-daemon[907]: Interface wlan0.IPv4 no longer relevant for mDNS. Sep 7 19:37:20 labs wpa_supplicant[1297]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD Sep 7 19:37:20 labs avahi-daemon[907]: Withdrawing address record for fe80::8286:f2ff:fedc:bdfb on wlan0. Sep 7 19:37:20 labs avahi-daemon[907]: Leaving mDNS multicast group on interface wlan0.IPv6 with address fe80::8286:f2ff:fedc:bdfb. Sep 7 19:37:20 labs avahi-daemon[907]: Interface wlan0.IPv6 no longer relevant for mDNS. Sep 7 19:37:20 labs NetworkManager[898]: <info> NetworkManager state is now DISCONNECTED Sep 7 19:37:20 labs NetworkManager[898]: <info> exiting (success) Sep 7 19:37:20 labs systemd[1]: Stopped Network Manager. Sep 7 19:37:20 labs gnome-session[1785]: Gjs-Message: JS LOG: Removing a network device that was not added Sep 7 19:37:21 labs org.gnome.OnlineAccounts[1838]: (goa-daemon:1913): GoaBackend-WARNING **: secret_password_lookup_sync() returned NULL Sep 7 19:37:22 labs org.gnome.OnlineAccounts[1838]: (goa-daemon:1913): GoaBackend-WARNING **: secret_password_lookup_sync() returned NULL Sep 7 19:37:22 labs chromium.desktop[2296]: [2296:2325:0907/193722:ERROR:connection_factory_impl.cc(366)] Failed to connect to MCS endpoint with error -106 Sep 7 19:37:48 labs chromium.desktop[2296]: [2296:2325:0907/193748:ERROR:connection_factory_impl.cc(366)] Failed to connect to MCS endpoint with error -106 ------------------------- openconnect output: WARNING: Juniper Network Connect support is experimental. It will probably be superseded by Junos Pulse support. GET https://vpn-url/linux getaddrinfo failed for host 'vpn-url': Name or service not known Failed to open HTTPS connection to vpn-url Failed to obtain WebVPN cookie ------------------------- > Can you try with NetworkManager 1.0.6 in unstable? Since I'm already using network-manager from unstable, below is output of using network-manager (0.9.10.0-7) from stable. Using openconnect (7.06-2) from unstable with network-manager from stable (0.9.10.0-7) will work as expected. Connection with VPN will immediately be established, and there won't be need to reconnect. ------------------------- syslog: Sep 7 19:46:25 labs NetworkManager[832]: <info> (tun0): carrier is OFF Sep 7 19:46:25 labs NetworkManager[832]: <info> (tun0): new Tun device (driver: 'unknown' ifindex: 4) Sep 7 19:46:25 labs NetworkManager[832]: <info> (tun0): exported as /org/freedesktop/NetworkManager/Devices/3 Sep 7 19:46:25 labs kernel: [ 267.004534] tun: Universal TUN/TAP device driver, 1.6 Sep 7 19:46:25 labs kernel: [ 267.004536] tun: (C) 1999-2004 Max Krasnyansky <m...@qualcomm.com> Sep 7 19:46:25 labs NetworkManager[832]: <info> devices added (path: /sys/devices/virtual/net/tun0, iface: tun0) Sep 7 19:46:25 labs NetworkManager[832]: <info> device added (path: /sys/devices/virtual/net/tun0, iface: tun0): no ifupdown configuration found. Sep 7 19:46:25 labs NetworkManager[832]: <info> (tun0): link connected Sep 7 19:46:25 labs NetworkManager[832]: <info> (tun0): device state change: unmanaged -> unavailable (reason 'connection-assumed') [10 20 41] Sep 7 19:46:25 labs NetworkManager[832]: <info> (tun0): device state change: unavailable -> disconnected (reason 'connection-assumed') [20 30 41] Sep 7 19:46:25 labs NetworkManager[832]: <info> Activation (tun0) starting connection 'tun0' Sep 7 19:46:25 labs NetworkManager[832]: <info> Activation (tun0) Stage 1 of 5 (Device Prepare) scheduled... Sep 7 19:46:25 labs NetworkManager[832]: <info> Activation (tun0) Stage 1 of 5 (Device Prepare) started... Sep 7 19:46:25 labs NetworkManager[832]: <info> (tun0): device state change: disconnected -> prepare (reason 'none') [30 40 0] Sep 7 19:46:25 labs NetworkManager[832]: <info> Activation (tun0) Stage 2 of 5 (Device Configure) scheduled... Sep 7 19:46:25 labs NetworkManager[832]: <info> Activation (tun0) Stage 1 of 5 (Device Prepare) complete. Sep 7 19:46:25 labs NetworkManager[832]: <info> Activation (tun0) Stage 2 of 5 (Device Configure) starting... Sep 7 19:46:25 labs NetworkManager[832]: <info> (tun0): device state change: prepare -> config (reason 'none') [40 50 0] Sep 7 19:46:25 labs NetworkManager[832]: <info> Activation (tun0) Stage 2 of 5 (Device Configure) successful. Sep 7 19:46:25 labs NetworkManager[832]: <info> Activation (tun0) Stage 3 of 5 (IP Configure Start) scheduled. Sep 7 19:46:25 labs NetworkManager[832]: <info> Activation (tun0) Stage 2 of 5 (Device Configure) complete. Sep 7 19:46:25 labs NetworkManager[832]: <info> Activation (tun0) Stage 3 of 5 (IP Configure Start) started... Sep 7 19:46:25 labs NetworkManager[832]: <info> (tun0): device state change: config -> ip-config (reason 'none') [50 70 0] Sep 7 19:46:25 labs NetworkManager[832]: <info> Activation (tun0) Stage 5 of 5 (IPv4 Configure Commit) scheduled... Sep 7 19:46:25 labs NetworkManager[832]: <info> Activation (tun0) Stage 3 of 5 (IP Configure Start) complete. Sep 7 19:46:25 labs NetworkManager[832]: <info> Activation (tun0) Stage 5 of 5 (IPv4 Commit) started... Sep 7 19:46:25 labs NetworkManager[832]: <info> (tun0): device state change: ip-config -> ip-check (reason 'none') [70 80 0] Sep 7 19:46:25 labs NetworkManager[832]: <info> Activation (tun0) Stage 5 of 5 (IPv4 Commit) complete. Sep 7 19:46:25 labs NetworkManager[832]: <info> (tun0): device state change: ip-check -> secondaries (reason 'none') [80 90 0] Sep 7 19:46:25 labs NetworkManager[832]: <info> (tun0): device state change: secondaries -> activated (reason 'none') [90 100 0] Sep 7 19:46:25 labs NetworkManager[832]: <info> Activation (tun0) successful, device activated. Sep 7 19:46:25 labs dbus[849]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' Sep 7 19:46:25 labs systemd[1]: Starting Network Manager Script Dispatcher Service... Sep 7 19:46:25 labs dbus[849]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher' Sep 7 19:46:25 labs systemd[1]: Started Network Manager Script Dispatcher Service. Sep 7 19:46:25 labs nm-dispatcher: Dispatching action 'up' for tun0 Sep 7 19:46:25 labs avahi-daemon[865]: Got SIGTERM, quitting. Sep 7 19:46:25 labs systemd[1]: Stopping Avahi mDNS/DNS-SD Stack... Sep 7 19:46:25 labs avahi-daemon[865]: Leaving mDNS multicast group on interface wlan0.IPv6 with address fe80::8286:f2ff:fedc:bdfb. Sep 7 19:46:25 labs avahi-daemon[865]: Leaving mDNS multicast group on interface wlan0.IPv4 with address 192.168.192.62. Sep 7 19:46:25 labs avahi-daemon[865]: avahi-daemon 0.6.31 exiting. Sep 7 19:46:25 labs systemd[1]: Stopped Avahi mDNS/DNS-SD Stack. Sep 7 19:46:25 labs dbus[849]: [system] Activating via systemd: service name='org.freedesktop.Avahi' unit='dbus-org.freedesktop.Avahi.service' Sep 7 19:46:25 labs nm-dispatcher[2709]: Warning: Stopping avahi-daemon.service, but it can still be activated by: Sep 7 19:46:25 labs nm-dispatcher[2709]: avahi-daemon.socket Sep 7 19:46:25 labs systemd[1]: Starting Avahi mDNS/DNS-SD Stack... Sep 7 19:46:25 labs avahi-daemon[2755]: Process 865 died: No such process; trying to remove PID file. (/var/run/avahi-daemon//pid) Sep 7 19:46:25 labs avahi-daemon[2755]: Found user 'avahi' (UID 105) and group 'avahi' (GID 112). Sep 7 19:46:25 labs avahi-daemon[2755]: Successfully dropped root privileges. Sep 7 19:46:25 labs avahi: Avahi detected that your currently configured local DNS server serves Sep 7 19:46:25 labs avahi: a domain .local. This is inherently incompatible with Avahi and thus Sep 7 19:46:25 labs avahi: Avahi disabled itself. If you want to use Avahi in this network, please Sep 7 19:46:25 labs avahi: contact your administrator and convince him to use a different DNS domain, Sep 7 19:46:25 labs avahi: since .local should be used exclusively for Zeroconf technology. Sep 7 19:46:25 labs avahi: For more information, see http://avahi.org/wiki/AvahiAndUnicastDotLocal Sep 7 19:46:25 labs avahi-daemon[2755]: avahi-daemon 0.6.31 starting up. Sep 7 19:46:25 labs dbus[849]: [system] Successfully activated service 'org.freedesktop.Avahi' Sep 7 19:46:25 labs systemd[1]: Started Avahi mDNS/DNS-SD Stack. Sep 7 19:46:25 labs avahi-daemon[2755]: Successfully called chroot(). Sep 7 19:46:25 labs avahi-daemon[2755]: Successfully dropped remaining capabilities. Sep 7 19:46:25 labs avahi-daemon[2755]: No service file found in /etc/avahi/services. Sep 7 19:46:25 labs avahi-daemon[2755]: Joining mDNS multicast group on interface wlan0.IPv6 with address fe80::8286:f2ff:fedc:bdfb. Sep 7 19:46:25 labs avahi-daemon[2755]: New relevant interface wlan0.IPv6 for mDNS. Sep 7 19:46:25 labs avahi-daemon[2755]: Joining mDNS multicast group on interface wlan0.IPv4 with address 192.168.192.62. Sep 7 19:46:25 labs avahi-daemon[2755]: New relevant interface wlan0.IPv4 for mDNS. Sep 7 19:46:25 labs avahi-daemon[2755]: Network interface enumeration completed. Sep 7 19:46:25 labs avahi-daemon[2755]: Registering new address record for fe80::8286:f2ff:fedc:bdfb on wlan0.*. Sep 7 19:46:25 labs avahi-daemon[2755]: Registering new address record for 192.168.192.62 on wlan0.IPv4. Sep 7 19:46:25 labs avahi-daemon[2755]: Registering HINFO record with values 'X86_64'/'LINUX'. Sep 7 19:46:25 labs systemd[1]: Reloading OpenBSD Secure Shell server. Sep 7 19:46:25 labs systemd[1]: Reloaded OpenBSD Secure Shell server. Sep 7 19:46:25 labs avahi-daemon[2755]: Server startup complete. Host name is labs.local. Local service cookie is 3101220934. Sep 7 19:46:27 labs org.gnome.OnlineAccounts[1547]: (goa-daemon:1620): GoaBackend-WARNING **: secret_password_lookup_sync() returned NULL ------------------------- Reason I'm not using this configuration is because gnome (meta package) and network-manager-gnome (1.0.6-1) will removed as result of a conflict. Please let me know if have any additional questions and/or comments. Adnan On Mon, Sep 7, 2015 at 2:15 AM, Mike Miller <mtmil...@debian.org> wrote: > Control: tags -1 - newcomer + moreinfo > > On Sun, Sep 06, 2015 at 14:35:43 +0200, Adnan Hodzic wrote: > > I connect to Juniper VPN with "sudo openconnect --juniper vpn-url/linux" > > > > After link is established, I will not be able to reach any address > within the > > tunnel. Meaning, established connection will not work. > > > > Workaround: > > > > However, if I disconnect from VPN and connect to it again, link will be > > successfuly established. After this, I will be able to communicate to > addresses > > within the tunnel just fine. > […] > > -- System Information: > > Debian Release: 8.2 > > APT prefers stable > > APT policy: (600, 'stable'), (500, 'stable-updates'), (300, > 'testing'), (200, 'unstable'), (100, 'experimental') > > Architecture: amd64 (x86_64) > > Foreign Architectures: i386 > > > > Kernel: Linux 4.1.0-1-amd64 (SMP w/4 CPU cores) > > Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) > > Shell: /bin/sh linked to /bin/dash > > Init: systemd (via /run/systemd/system) > > > > Versions of packages openconnect depends on: > > ii libc6 2.19-18+deb8u1 > > ii libgnutls-deb0-28 3.3.17-1 > > ii libopenconnect5 7.06-2+b1 > > ii libproxy1v5 0.4.11-4.2 > > ii libxml2 2.9.1+dfsg1-5 > > ii vpnc-scripts 0.1~git20140806-1 > > You are running OpenConnect from the unstable release on a stable > system. And you are also running the stable version of NetworkManager > (0.9.10.0). > > Can you reproduce when NetworkManager is *not* running at all? Can you > try with NetworkManager 1.0.6 in unstable? > > -- > mike >
