search

adrienverge / openfortivpn

Client for PPP+TLS VPN tunnel services
GNU General Public License v3.0
2.75k stars 323 forks source link

OpenFortiVPN Client Won't Open With Fedora 39 #1162

Closed Sp3ctroR3tro closed 1 year ago

Sp3ctroR3tro commented 1 year ago

I just updated to Fedora 39 while using version 1.19.0 of openfortivpn and since then I haven't been able to connect. When running I get the following error: INFO: Negotiation complete. Peer refused to agree to his IP address. I have seen other posts regarding this issue and have tried running pppd ipcp-accept-remote and ipcp-accept-local to resolve the issue and neither one seems to work.

I have tried, re-installation of openforti, kernel switching, and attempted downgrading of ppp from 2.5.0. To this point nothing has worked so far.

DimitriPapadopoulos commented 1 year ago

Either use pppd < 2.5.0 or use the latest openfortivpn version.

Sp3ctroR3tro commented 1 year ago

When looking at the packages for fedora it appears that I am using the most recent version of openforticlient and for fedora 39 it appears that I can’t downgrade past 2.5.0.

DimitriPapadopoulos commented 1 year ago

If you cannot downgrade pppd, use the latest version of openfortivpn (1.21).

DimitriPapadopoulos commented 1 year ago

Alternatively, find a way to pass option ipcp-accept-remote to pppd. Typically, you would have to add it to a file under /etc/ppp or something similar.

Sp3ctroR3tro commented 1 year ago

I was able to edit the options file to add the recommend entry and was able to connect again.

adrienverge commented 1 year ago

I just changed the issue title (Fedora 29 → Fedora 39).

woprandi commented 1 year ago

Connection now works on F39 with specified options (thanks !) but I cannot reach any IP inside remote network

yakupkaya commented 1 year ago

Connection now works on F39 with specified options (thanks !) but I cannot reach any IP inside remote network

Same here. After the option "ipcp-accept-remote", I can connect. I even see the correct routes are added. But I cannot access the IP addresses.

Edit: I have seen the following error on journal, but even after this error VPN connection stays up together with the ppp interface and routes. In reality it is not working.

pppd[20265]: Can't execute /etc/ppp/ip-up: Permission denied NetworkManager[20265]: Can't execute /etc/ppp/ip-up: Permission denied NetworkManager[1623]: <info> [1699614458.9584] device (ppp0): state change: unmanaged -> unavailable (reason 'connection-assumed', sys-iface-state: 'external') kded5[3255]: org.kde.plasma.nm.kded: Unhandled VPN connection state change: NetworkManager::VpnConnection::GettingIpConfig NetworkManager[1623]: <info> [1699614458.9742] device (ppp0): state change: unavailable -> disconnected (reason 'none', sys-iface-state: 'external')

woprandi commented 1 year ago

@yakupkaya You can use openconnect as a alternative client to use at least until this issue is resolved.

yakupkaya commented 1 year ago

@yakupkaya You can use openconnect as a alternative client to use at least until this issue is resolved.

Sure, I can try that. Thank you very much!

jcesclapez commented 1 year ago

Connection now works on F39 with specified options (thanks !) but I cannot reach any IP inside remote network

Same here..

DimitriPapadopoulos commented 1 year ago

This issue is closed, posting "#metoo" messages here just adds noise. Note that there are two issues at hand:

  1. the ipcp-accept-remote issue solved in openfortivpn 1.21,
  2. setting routing and DNS parameters, which needs additional steps such as using resolveconf.