OpenVPN not Working in 17.04 via "Import a saved VPN configuration"

Can someone please confirm this? 17.04 is about to be released.

Ubuntu (Gnome DE) 17.04, cannot use OpenVPN. Every time I try to connect, nothing, but once it’s deactivated I get back my internet access. I don’t know if it’s the same issue though…

Status changed to 'Confirmed' because the bug affects multiple users.

Installed Ubuntu Mate 17.04 today. Tried also Ubuntu 17.04. OpenVPN created by importing *.ovpn file. Does not work with the same error reported by others. Did not try on 16.10 or 16.04LTS.

Can we raise the importance of this confirmed bug?

I confirm the issue. I cannot login through VPN anymore since I updated from 16.10 to 17.04. I will also add to that it is impossible now to configure the VPN connections. The "Configure VPN..." option in the menu is grayed out and cannot be selected anymore from the NetworkManager.

Okay, nevermind, in my case it was enough to delete the VPN connections and then add them again with the "Edit Connection..." option in the nm-applet menu (somehow "VPN Connections -> Configure VPN..." is grayed out and cannot be called). Once created again, the VPN connection work just fine as they used to. Maybe mine is a completely different problem.

Thank you for taking the time to report this bug and helping to make Ubuntu better. The issue you are reporting is an upstream one and it would be nice if somebody having it could send the bug to the developers of the software by following the instructions at https://wiki.ubuntu.com/Bugs/Upstream/GNOME. If you have done so, please tell us the number of the upstream bug (or the link), so we can add a bugwatch that will inform us about its status. Thanks in advance.

I understand this is an upstream bug. I'll just write this here anyway, will post bug upstream later if nobody beats me to it.

Affects me too. The imported config said aes-256-cbc. That was read in as BF-something-or-other. Blowfish, not AES. After setting that to AES-256-CBC, the thing connects.

After some time, the following happens:

nm-openvpn[3577]: [integrity] Inactivity timeout (--ping-restart), restarting
nm-openvpn[3577]: SIGUSR1[soft,ping-restart] received, process restarting
nm-openvpn[3577]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
nm-openvpn[3577]: TCP/UDP: Preserving recently used remote address: [AF_INET]<ip address>:<port>
nm-openvpn[3577]: UDP link local: (not bound)
nm-openvpn[3577]: UDP link remote: [AF_INET]<ip address>:<port>
nm-openvpn[3577]: [integrity] Peer Connection Initiated with [AF_INET]<ip address>:<port>
nm-openvpn[3577]: Preserving previous TUN/TAP instance: tun0
nm-openvpn[3577]: /usr/lib/NetworkManager/nm-openvpn-service-openvpn-helper --debug 0 3573 --bus-name org.freedesktop.NetworkManager.openvpn.Connection_8 --tun -- tun0 1500 1558 <ip address> <mask> restart
nm-openvpn[3577]: WARNING: Failed running command (--up/--down): could not execute external program
nm-openvpn[3577]: Exiting due to fatal error
NetworkManager[667]: <error> [1496682880.1314] platform-linux: do-add-ip4-route[8: 0.0.0.0/0 50]: failure 101 (Nätverket kan inte nås)

It seems that nm-openvpn fails. Ideas on what to do?

Okay, the GNOME bug seems to be https://bugzilla.gnome.org/show_bug.cgi?id=782584

That refers back to https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/1681295

The latter report contains a patch and patched packages that resolves the issue for me.

No, still disconnects, but much longer intervals.

Same failure as in #9

I mean, same error as in #10

After I fixed the certificate file access (making them world-readable) I have a stable OpenVPN connection.

Switching to network-manager-openvpn and network-manager-openvpn-gnome provided with zesty returns the system to a non-working state.

Switching to the patched packages at https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/1681295 gives a stable connection.

I have now chosen to pin the patched packages through

sudo apt-mark hold network-manager-openvpn
sudo apt-mark hold network-manager-openvpn-gnome

Hello,
I had my share of issues with network-manager-openvpn, especially with profiles exported from pfsense appliances, as those tend to inline some configurations.
I remember I had issues with Ubuntu 17.04 and 16.04 but as I am testing now, it seems all profiles I have can be imported and used.

If you can share your configuration I might be able to help and run some tests. you can hide your certificate files and hostname.

Tested on Ubuntu 17.04 - no issue
network-manager-openvpn and network-manager-openvpn-gnome 1.2.6-2ubuntu1

Tested on Ubuntu 17.10 - no issue
network-manager-openvpn and network-manager-openvpn-gnome 1.2.6-2ubuntu1

Hi,

I fixed mine removing deprecated items from the ovpn configuration file.

More specifically, my config had the "tls-remote" directive. After commenting it out, it works perfectly.

Cheers,

Daniel

Hello,
I had a problem importing configuration files to create a VPN connection. Nothing would happen after clicking on "Import from file..".
After countless attempts (and only after turning my 2nd monitor on) I realized that the "Select file to import" window opens on the 2nd monitor and can't be moved to the main monitor.
After selecting the file to import and clicking "Open" on the 2nd monitor, the rest of the procedure to add a VPN worked fine and I was able to set a VPN connection.
I hope this helps.

PS: The same problem occurs with other applications.
    Ex. Trying to open a document in LibreOffice, the window to select the file opens on the 2nd
        monitor.

I forgot to mention in my previous post (#18) that I use Ubuntu 17.10.

Cheers

Hi again,

(follow-up to #18 & #19 posts)

I found out that "Display Mode" in Settings -> Devices -> Displays was set to "Join Displays".
Setting it to "Single Display" solves for me the issue of windows appearing on the 2nd monitor.

Removing deprecated items from the ovpn configuration file does not help in my case. I still need the patched packages.