When using openvpn client directly, from command line (as root), the connection to VPN server works just fine. When attempting to connect via NetworkManager, it times out.
Both configurations use same keys, hosts etc. Both record in journal UDPv4 link remote: [AF_INET]XXX.XXX.XXX.XXX:1194 to the same host.
But eventually fails with:
NetworkManager[2019]: <warn> VPN connection ‘Some VPN’ connect timeout exceeded.
Is there know issue with this?
Some special permission?
AppArmor policy that has to be set?
Is it failing because it is (ConnectInteractive) interactive and hides some user input?
Ok, so changing to TCP 443 worked. Means that user nm-openvpn is prohibited from opening connection to non standard ports. How does one configure this in openSUSE?
I’m using KDE Plasma NM front-end and don’t see where to add a custom gateway port, but this option apparently exists in the Gnome NM front-end via ‘Advanced’ in the VPN tab. You could try using the Gnome front-end for configuration instead (provided by NetworkManager-gnome).
Sorry, I used that term incorrectly. I meant non standard such as 80, 443, etc. I was trying to use fairly standard for OpenVPN UDP port 1194 which appears to be either blocked by default (why would outgoing connection be blocked by default) or prevented by some policy.
The location for setting a custom gateway port in KDE Plasma NetworkManager is at:
Connection Editor > Add > openVPN > Tab: VPN (openvpn), button labeled “Advanced” > Tab: General. It is the first parameter that can be edited. Many parameters can be edited from this location, including:
Custom gateway port
Custom tunnel MTU
Custom UDP fragment size
Use custom renegotiation interval
Set virtual device type (TUN/TAP)
Use LZO compression
Use TCP connection
Restrict TCP maximum segment size (MSS)
Randomize remote hosts
Other tabs avaiable throught the “Advanced” button include: