Closed jberri closed 7 years ago
Since vpn-support isn't designed to run alongside Network Manager, so you should disable NM or move the vpn setup to a fresh proxyVM that hasn't had NM enabled. NM will interefere with the connection when it notices tun0 goes up, and the fact that the connection stays up when you stop openvpn-client.service indicates that NM is also configured to establish a vpn link.
Another thing to check for is that the Debian default 'openvpn.service' has been disabled in the template.
Close.
Scenario: openvpn-client.service failing test
Given I am running Qubes R3.2.x And I have a VPN-VM configured as follows
And I have the following latest vpn client packages installed in the VPN-VM
And my previous non-secure 'openvpn-client.ovpn' file located in '/rw/config/vpn' can successfully establish an openvpn connection with the following properties
And I have cloned the 'Qubes-vpn-support-master' git repository into my VPN-VM And my VPN-VM directory structure for '/rw/config' is now as follows
And my current secure 'openvpn-client.ovpn' file located in '/rw/config/vpn' contains the following 3 extra required entries
And the following scripts have been made executable
And I restart my VPN-VM And '/etc/systemd/system/' contains a copy of '/rw/config/vpn/openvpn-client.service' When I initiate a VPN connection from a root-terminal with the command
'openvpn /rw/config/vpn/openvpn-client.ovpn'
Then I expect a successful connection to be established to my VPN server with the stdout message
Initialization Sequence Completed
But I do not expect the connection to irritatingly reset itself and then re-establish itself in an infinite loop every 5 flipping seconds with the following stdout messages
Actual results
The annoying loop happens when the rc.local 'systemctl --no-block start openvpn-client.service' command has been issued. A successful persistent connection happens (i.e. no re-connection loop) when the running openvpn-client.service is stopped.