no more working after upgrading kde neon

[mauro-miatello]

this morning i upgraded my pc from kde neon 5.14 to 5.15 and my l2tp/ipsec connection stopped working so i've tried another vpn, fortissl, and it worked so, i've tried from my notebook, still with 5.14, and l2tp/ipsec vpn worked so, i've upgraded also my notebook and l2tp/ipsec stopped working i've opened a bug in kde, but they said that it's probably an issue with this plugin https://bugs.kde.org/show_bug.cgi?id=404381 i've seen that libkf5networkmanagerqt6 was upgraded, i dont know if this is important

[dkosovic]

Extract from the logs:

Feb 15 09:43:24 HOME-PC pppd[11185]: MS-CHAP authentication failed: E=691 Authentication failure
Feb 15 09:43:24 HOME-PC pppd[11185]: CHAP authentication failed

According to Microsoft, error 691 is :

The remote connection was denied because the user name and password combination you provided is not recognized, or the selected authentication protocol is not permitted on the remote access server.

I notice you are using CHAP and MS-CHAP, you could try enabling MS-CHAPv2 in the PPP Options and see if that helps. Also double check the password is correct if it was saved.

[mauro-miatello]

tried but still not working

could this be important:

Feb 15 15:46:06 HOME-PC nm-l2tp-service[8239]: Check port 1701 Feb 15 15:46:06 HOME-PC nm-l2tp-service[8239]: Can't bind to port 1701 Feb 15 15:46:06 HOME-PC NetworkManager[1286]: Redirecting to: systemctl stop ipsec.service Feb 15 15:46:06 HOME-PC systemd[1]: Stopping Internet Key Exchange (IKE) Protocol Daemon for IPsec...

?

[dkosovic]

In regards to UDP port 1701 already being in use, see "Issue with not stopping system xl2tpd service" in the README.md file. It would do no harm stopping the system xl2tpd service.

One issue with KDE neon and /etc/ppp/ip-up.d/0000usepeerdns from the ppp package is that you need to ensure the resolvconf package is installed :

sudo apt install resolvconf

due to Ubuntu bug LP#1778946, but that's just to fix an issue with DNS not working after the VPN connection is closed. I only mention it as it is the only issue so far I'm aware of with the ppp package and L2TP, the upgrade could have broken PPP authentication somehow.

I'll spin up a KDE neon 5.15 VM later today to try and reproduce the issue.

[dkosovic]

I did a sudo apt dist-upgrade and confirm I'm now running KDE neon User Edition 5.15, unfortunately i wasn't able to reproduce your issue.

I'm pretty sure the issue is with the ppp package or one of its dependencies. You could try enabling nm-l2tp-service debugging as mentioned in this package's README.md file by doing :

sudo killall -TERM nm-l2tp-service
sudo /usr/lib/NetworkManager/nm-l2tp-service --debug

You should then get a lot more pppd debugging in in the journalctl output. Hopefully it might have a hint as to what is going wrong.

Looking at Ubuntu's 18.04's ppp-2.4.7-2+2 package's changelog there was an older release that fixed a MS-CHAP authentication failed: E=691 Authentication failure (Debian bug #891020). Similarly Ubuntu 18.04's bug LP#1752670 for the ppp package. But I haven't noticed any recent bugs.

[mauro-miatello]

today it works i really dont understand what has happened, only thing it's that today it ask me, the 1st try this morning, to allow authorization, maybe some issue with keyring after upgrade sorry for wasting your time and thanks for help