Hello,
is NetworkManager+fortisslvpn supposed to work in up to date opensuse tumbleweed ?
The machine is setup from scratch, openfortivpn works fine (so the other side is alive and kicking), NetworkManager+fortisslvpn works fine under ubuntu 22.04 (so I assume I do know how to set it up).
Alas, after turning the fortisslvpn connection on via NetworkManager, I cannot connect anywhere from my brand new opensuse tumbleweed machine.
Thanks for any pointers.
Best
Is there a firewall active on any of the machines involved?
Not one that I am aware of along this path. As I said, openfortivpn uses the same path on the same machine and it works fine. NetworkManager+fortisslvpn works on the ubuntu machine.
ā¦ the firewall is active though in its default state.
My info may be out of date, but I will offer my experience FWIW: I used to connect to openfortivpn via NetworkManager on Tumbleweed. At some point (9 months ago? Iāve lost track when exactly) it stopped working. I determined that the problem was that the client needed to run as root, which was not able to be done via NetworkManager.
The work around I ended up using was to install openfortivpn webview (I think it is this Releases Ā· gm-vm/openfortivpn-webview Ā· GitHub, Iāve still got 1.2.0 installed), which I run using npm in konsole, which gives me a āSVPNCOOKIEā which I copy, and then run
sudo openfortivpn --cookie-on-stdin
pasting the cookie as input.
As I said, my info may be out of date, I donāt know if the āmust run as rootā problem still exists or was worked around in some easier way since I last tried, but Iāve been continuing to use this method because it works.
Thanks for pointing this out!
As I did read that openfortivpn needs to run as root, I did not question that and executed the command as root. Configuring it makes an easy enough command line in my case. So chances are I will not resort to the webview as I get away without a cookie.
And pointing out that it used to work ā¦ as I wrote, the ubuntu version I use on the other machine is 22.04 LTS which presumably is old enough.
For the time being I think that answers the question: It does not work.
Seems someone along this line up of programs maybe wants to figure out how to establish a VPN connection as a simple user and not only as root.
It would be nice though, if this fortisslvpn option for NetworkManager (no idea about other VPN choices) was then removed from the distribution or otherwise made unusable like not accepting input or that it issues a stern enough warning, if used. Rather than silently hanging, leaving it to users to give up. Not to get me wrong, I do prefer the NetworkManager approach to click a button in the gnome panel rather having to open a terminal and issue a command as root. But if it is there, a user may expect it to work.
As far as I am concerned, I consider my question answered. Thanks for the clarification!
Best