NetworkManager + VPN: strange behavior, can't launch any app

Hi,

I’m having strange trouble trying to connect to a PPTP VPN…
For the record, I can successfully connect using KVPNC. This is just not practical, as it crashes every time I lose the connection to the VPN, and I have to use root’s password each time to restart it… I’d rather use KNetworkManager or even nm-applet (even though it’s intended for Gnome if I’m not mistaken I find it superior to KNetworkManager).

Anyway… My point is this: if I make my connection to the VPN using either NetworkManager client, I do get connected, if I have launched a browser previously I can even check my IP has changed, but… I can’t launch any new application as long as the connection is active! For example, if I try to launch Dolphin, it remains grey, and the terminal associated with it says it was unable to run /bin/bash… Applications that have been launched previously keep working as long as they don’t need to interact with the file system (Firefox for example can’t show the save file dialog).
A few seconds after I close the connection everything comes back to normal.

Here is what I get in /var/log/messages, from the beginning to the end of a VPN connection. During this time I tried to launch Dolphin a couple of times.


Oct  5 20:44:08 pc-00250 pppd[10972]: Plugin /usr/lib/pppd/2.4.5/nm-pptp-pppd-plugin.so loaded.
Oct  5 20:44:08 pc-00250 pppd[10972]: pppd 2.4.5 started by root, uid 0
Oct  5 20:44:08 pc-00250 pptp[10976]: nm-pptp-service-10969 log[main:pptp.c:314]: The synchronous pptp option is NOT activated
Oct  5 20:44:08 pc-00250 pppd[10972]: Using interface ppp0
Oct  5 20:44:08 pc-00250 pppd[10972]: Connect: ppp0 <--> /dev/pts/7
Oct  5 20:44:08 pc-00250 pptp[10981]: nm-pptp-service-10969 log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request'
Oct  5 20:44:08 pc-00250 pptp[10981]: nm-pptp-service-10969 log[ctrlp_disp:pptp_ctrl.c:739]: Received Start Control Connection Reply
Oct  5 20:44:08 pc-00250 pptp[10981]: nm-pptp-service-10969 log[ctrlp_disp:pptp_ctrl.c:773]: Client connection established.
Oct  5 20:44:09 pc-00250 pptp[10981]: nm-pptp-service-10969 log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request'
Oct  5 20:44:09 pc-00250 pptp[10981]: nm-pptp-service-10969 log[ctrlp_disp:pptp_ctrl.c:858]: Received Outgoing Call Reply.
Oct  5 20:44:09 pc-00250 pptp[10981]: nm-pptp-service-10969 log[ctrlp_disp:pptp_ctrl.c:897]: Outgoing call established (call ID 0, peer's call ID 54144).
Oct  5 20:44:12 pc-00250 pppd[10972]: CHAP authentication succeeded
Oct  5 20:44:12 pc-00250 pppd[10972]: MPPE 128-bit stateless compression enabled
Oct  5 20:44:12 pc-00250 pppd[10972]: local  IP address 93.182.190.98
Oct  5 20:44:12 pc-00250 pppd[10972]: remote IP address 93.182.190.2
Oct  5 20:44:12 pc-00250 pppd[10972]: primary   DNS address 93.182.182.85
Oct  5 20:44:12 pc-00250 pppd[10972]: secondary DNS address 93.182.182.85
Oct  5 20:44:13 pc-00250 dns-resolver: ATTENTION: You have modified /etc/resolv.conf. Leaving it untouched...
Oct  5 20:44:13 pc-00250 dns-resolver: You can find my version in /etc/resolv.conf.netconfig
Oct  5 20:44:13 pc-00250 ip-up: ATTENTION: You have modified /etc/resolv.conf.  Leaving it untouched...
Oct  5 20:44:13 pc-00250 ip-up: You can find my version in /etc/resolv.conf.netconfig ...
Oct  5 20:44:13 pc-00250 SuSEfirewall2: Setting up rules from /etc/sysconfig/SuSEfirewall2 ...
Oct  5 20:44:13 pc-00250 ip-up: SuSEfirewall2: Warning: no default firewall zone defined, assuming 'ext'
Oct  5 20:44:13 pc-00250 SuSEfirewall2: Warning: no default firewall zone defined, assuming 'ext'
Oct  5 20:44:13 pc-00250 SuSEfirewall2: using default zone 'ext' for interface irda0
Oct  5 20:44:13 pc-00250 SuSEfirewall2: using default zone 'ext' for interface ppp0
Oct  5 20:44:13 pc-00250 SuSEfirewall2: using default zone 'ext' for interface wmaster0
Oct  5 20:44:13 pc-00250 kernel:  4223.440208] martian source 93.182.190.98 from 87.120.180.55, on dev ppp0
Oct  5 20:44:13 pc-00250 kernel:  4223.440231] ll header: 45:00:00:7e
Oct  5 20:44:13 pc-00250 SuSEfirewall2: batch committing...
Oct  5 20:44:14 pc-00250 SuSEfirewall2: Firewall rules successfully set
Oct  5 20:44:14 pc-00250 pppd[10972]: Script /etc/ppp/ip-up finished (pid 10982), status = 0x0
Oct  5 20:44:15 pc-00250 dns-resolver: ATTENTION: You have modified /etc/resolv.conf. Leaving it untouched...
Oct  5 20:44:15 pc-00250 dns-resolver: You can find my version in /etc/resolv.conf.netconfig
Oct  5 20:44:18 pc-00250 dns-resolver: ATTENTION: You have modified /etc/resolv.conf. Leaving it untouched...
Oct  5 20:44:18 pc-00250 dns-resolver: You can find my version in /etc/resolv.conf.netconfig
Oct  5 20:45:10 pc-00250 pptp[10981]: nm-pptp-service-10969 log[logecho:pptp_ctrl.c:677]: Echo Reply received.
Oct  5 20:45:39 pc-00250 pppd[10972]: Terminating on signal 15
Oct  5 20:45:39 pc-00250 pppd[10972]: Connect time 1.5 minutes.
Oct  5 20:45:39 pc-00250 pppd[10972]: Sent 2900 bytes, received 3119 bytes.
Oct  5 20:45:39 pc-00250 pptp[10981]: nm-pptp-service-10969 log[callmgr_main:pptp_callmgr.c:234]: Closing connection (unhandled)
Oct  5 20:45:39 pc-00250 pptp[10981]: nm-pptp-service-10969 log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 12 'Call-Clear-Request'
Oct  5 20:45:39 pc-00250 pptp[10981]: nm-pptp-service-10969 log[call_callback:pptp_callmgr.c:79]: Closing connection (call state)
Oct  5 20:45:39 pc-00250 dbus-daemon: Rejected send message, 2 matched rules; type="error", sender=":1.130" (uid=0 pid=10969 comm="/usr/lib/nm-pptp-service) interface="(unset)" member="(unset)" error name="org.freedesktop.DBus.Error.UnknownMethod" requested_reply=0 destination=":1.131" (uid=0 pid=10972 comm="/usr/sbin/pppd))
Oct  5 20:45:39 pc-00250 dbus-daemon: Rejected send message, 2 matched rules; type="error", sender=":1.130" (uid=0 pid=10969 comm="/usr/lib/nm-pptp-service) interface="(unset)" member="(unset)" error name="org.freedesktop.DBus.Error.UnknownMethod" requested_reply=0 destination=":1.131" (uid=0 pid=10972 comm="/usr/sbin/pppd))
Oct  5 20:45:39 pc-00250 pppd[10972]: MPPE disabled
Oct  5 20:45:39 pc-00250 dbus-daemon: Rejected send message, 2 matched rules; type="error", sender=":1.130" (uid=0 pid=10969 comm="/usr/lib/nm-pptp-service) interface="(unset)" member="(unset)" error name="org.freedesktop.DBus.Error.UnknownMethod" requested_reply=0 destination=":1.131" (uid=0 pid=10972 comm="/usr/sbin/pppd))
Oct  5 20:45:39 pc-00250 dbus-daemon: Rejected send message, 2 matched rules; type="error", sender=":1.130" (uid=0 pid=10969 comm="/usr/lib/nm-pptp-service) interface="(unset)" member="(unset)" error name="org.freedesktop.DBus.Error.UnknownMethod" requested_reply=0 destination=":1.131" (uid=0 pid=10972 comm="/usr/sbin/pppd))
Oct  5 20:45:39 pc-00250 dbus-daemon: Rejected send message, 2 matched rules; type="error", sender=":1.130" (uid=0 pid=10969 comm="/usr/lib/nm-pptp-service) interface="(unset)" member="(unset)" error name="org.freedesktop.DBus.Error.UnknownMethod" requested_reply=0 destination=":1.131" (uid=0 pid=10972 comm="/usr/sbin/pppd))
Oct  5 20:45:39 pc-00250 pppd[10972]: Script /usr/sbin/pptp vpn.ipredator.se --nolaunchpppd --logstring nm-pptp-service-10969 finished (pid 10976), status = 0x0
Oct  5 20:45:39 pc-00250 pppd[10972]: Modem hangup
Oct  5 20:45:39 pc-00250 dbus-daemon: Rejected send message, 2 matched rules; type="error", sender=":1.130" (uid=0 pid=10969 comm="/usr/lib/nm-pptp-service) interface="(unset)" member="(unset)" error name="org.freedesktop.DBus.Error.UnknownMethod" requested_reply=0 destination=":1.131" (uid=0 pid=10972 comm="/usr/sbin/pppd))
Oct  5 20:45:39 pc-00250 pppd[10972]: Connection terminated.
Oct  5 20:45:39 pc-00250 avahi-daemon[1459]: Withdrawing address record for 192.168.0.230 on wlan0.
Oct  5 20:45:39 pc-00250 avahi-daemon[1459]: Leaving mDNS multicast group on interface wlan0.IPv4 with address 192.168.0.230.
Oct  5 20:45:39 pc-00250 avahi-daemon[1459]: Interface wlan0.IPv4 no longer relevant for mDNS.
Oct  5 20:45:39 pc-00250 avahi-daemon[1459]: Joining mDNS multicast group on interface wlan0.IPv4 with address 192.168.0.230.
Oct  5 20:45:39 pc-00250 avahi-daemon[1459]: New relevant interface wlan0.IPv4 for mDNS.
Oct  5 20:45:39 pc-00250 avahi-daemon[1459]: Registering new address record for 192.168.0.230 on wlan0.IPv4.
Oct  5 20:45:39 pc-00250 kernel:  4309.281579] martian source 192.168.0.230 from 93.182.190.2, on dev wlan0
Oct  5 20:45:39 pc-00250 kernel:  4309.281603] ll header: 00:0e:2e:aa:04:42:00:0d:61:e5:f6:eb:08:00
Oct  5 20:45:39 pc-00250 kernel:  4309.283464] martian source 192.168.0.230 from 93.182.190.2, on dev wlan0
Oct  5 20:45:39 pc-00250 kernel:  4309.283487] ll header: 00:0e:2e:aa:04:42:00:0d:61:e5:f6:eb:08:00
Oct  5 20:45:39 pc-00250 dns-resolver: ATTENTION: You have modified /etc/resolv.conf. Leaving it untouched...
Oct  5 20:45:39 pc-00250 dns-resolver: You can find my version in /etc/resolv.conf.netconfig
Oct  5 20:45:39 pc-00250 dbus-daemon: Rejected send message, 2 matched rules; type="error", sender=":1.130" (uid=0 pid=10969 comm="/usr/lib/nm-pptp-service) interface="(unset)" member="(unset)" error name="org.freedesktop.DBus.Error.UnknownMethod" requested_reply=0 destination=":1.131" (uid=0 pid=10972 comm="/usr/sbin/pppd))
Oct  5 20:45:39 pc-00250 kernel:  4309.722600] martian source 192.168.0.230 from 93.182.190.2, on dev wlan0
Oct  5 20:45:39 pc-00250 kernel:  4309.722623] ll header: 00:0e:2e:aa:04:42:00:0d:61:e5:f6:eb:08:00
Oct  5 20:45:40 pc-00250 dns-resolver: ATTENTION: You have modified /etc/resolv.conf. Leaving it untouched...
Oct  5 20:45:40 pc-00250 dns-resolver: You can find my version in /etc/resolv.conf.netconfig

This was obtained using 11.2 milestone 8 (KDE). I know it’s not ready yet, but I have no other computer available for this… My other workstation isn’t configured to use the VPN (my local server’s ports relative to this have been redirected to the 11.2 computer).

I’ve been searching about this but could not find anything… Does this ring any bell?

Thanks.

Seb.

I’ve finally found the answer… It may help other people: I have noticed that when connecting with Kvpnc, and with NetworkManager, I didn’t get the same content in /etc/resolv.conf… So the solution was to force NetworkManager to use the same DNS servers and search domains Kvpnc uses, and now everything works just fine.

Interesting information.
Could you just add how you did this in terms of setup in networkmanager?
Thank you.

It’s one of the settigns in nm-applet… I guess there must be something similar in KNetworkManager, I just find nm-applet easier to use. You can either let the DNS setting in automatic mode or choose to supply you own.