KDE: IPSEC VPN not starting as dependent service of a WLAN connection

Hi,

since recently I use this nice feature of KDE nm plasma applet, starting an IPSEC VPN to my home network each time I am logged in a particular public WLAN.

Unfortuatelly this did not work ootb. My dyndns hostname of the vpn could not be resolved after the WLAN is active.
Starting the vpn manually a bit later works fine. So it is not a general setup problem of dns, wlan or vpn.
I hardcoded a 1s sleep before the call to vpnc to make it work:

su -
mv /usr/sbin/vpnc /usr/sbin/vpnc.bin
echo '#!/bin/sh
sleep 1
exec /usr/sbin/vpnc.bin "$@"' >/usr/sbin/vpnc
chmod +x /usr/sbin/vpnc
exit

Of course this workaround is ugly and ruins automatic updates.

Looks like a dependency problem.
Is there an option to actually wait for a fully functional wlan before starting the vpn?

P.S.: this is on a fully updated opensuse 13.2

A better fix like what you’re asking doesn’t come to my mind immediately, but I’d recommend a different workaround that would likely fix your updating problem… or maybe suggest a better overall solution.

So, you say that the problem is the time it takes to solve the ddns name… Make the DDNS resolution separate.
Solution 1
Manually do a lookup (or if you have already successfully resolved recently, it may still be in your name resolution cache).
Create a Hosts entry.
Drawback - By making a permanent Hosts file entry, it will be good until your ISP changes your Server address. Bypassing the DDNS lookup solves your immediate problem but possibly causes another.

Solution 2
Building on the above, create a script that first does a DDNS lookup and either adds to your name resolution cache or perhaps writes an entry to the Hosts file. After addressing this dependency, then your script would invoke creating the VPN tunnel.
Drawback - Coding. But, it fully automates and solves your problem.

HTH,
TSU

I think you misunderstood. With update problem I meant what happens when there is a security update for the vpnc package.

Then, it is not a timeout, just a resolv failure within vpnc. I think because vpnc is called while dns resolv setup of the wlan connection is not ready yet.

Is there an option to actually wait for a fully functional wlan before starting the vpn?

Yes - via a NetworkManager dispatcher script which will run once the wireless connection is up.

https://wiki.archlinux.org/index.php/NetworkManager#Network_services_with_NetworkManager_dispatcher

A similar discussion here:

https://forum.kde.org/viewtopic.php?f=18&t=102188