network manager openvpn log & verbosity
Forum rules
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
network manager openvpn log & verbosity
I've got random failures (AUTH failures) in my VPN connection. I think I can debug further by increasing openvpn verbosity, and directing it (temporarily) to its own log file. Trouble is, I can't figure out how to do that under network manager and its openvpn plugin (I think that's what its called). I'm hoping someone here could tell me how/where the network manager openvpn plugin is configured, so that I could add the openvpn config details.
Re: network manager openvpn log & verbosity
Well, I've traced it to a service or two. I'm hoping that putting these details in might get me far enough along that an expert might weigh in on where the config file is that I'm looking for.
When I have a VPN connection active, I can find the openvpn command that started it. It's a long line with lots of options, including the verb (log level/verbosity) option: '--verb 1'. level 1 is nowhere near enough to do the debugging I need to do. I have been searching and searching for the file that contains that text, and can't find it.
It seems NetworkManager, when I activate a VPN connection, runs the openvpn@ service. At least part of that service's config is /etc/systemd/system/openvpn@.service. That file has an ExecStart line that has some of the command-line options specified, but not all. The /etc/systemd/system/openvpn@.service seems to have pointers to other files, but those files don't exist. Here's the openvpn@.service ExecStart line:
Being a sophomoric user, I look for files in /etc/openvpn, and don't find anything useful. I look for /run/openvpn/*.status, and don't find anything.
So I'm looking for the configuration file that the openvpn@ service uses that results in the long command line for the openvpn connection. If anyone knows where I should look, I'd appreciate it.
When I have a VPN connection active, I can find the openvpn command that started it. It's a long line with lots of options, including the verb (log level/verbosity) option: '--verb 1'. level 1 is nowhere near enough to do the debugging I need to do. I have been searching and searching for the file that contains that text, and can't find it.
It seems NetworkManager, when I activate a VPN connection, runs the openvpn@ service. At least part of that service's config is /etc/systemd/system/openvpn@.service. That file has an ExecStart line that has some of the command-line options specified, but not all. The /etc/systemd/system/openvpn@.service seems to have pointers to other files, but those files don't exist. Here's the openvpn@.service ExecStart line:
ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --script-security 2 --config /etc/openvpn/%i.conf --writepid /run/openvpn/%i.pidBeing a sophomoric user, I look for files in /etc/openvpn, and don't find anything useful. I look for /run/openvpn/*.status, and don't find anything.
So I'm looking for the configuration file that the openvpn@ service uses that results in the long command line for the openvpn connection. If anyone knows where I should look, I'd appreciate it.
Re: network manager openvpn log & verbosity
I had the same problem, different issue. Finally figured it out.
I just had to piece a lot together myself, but from what I can tell, Networkmanger doesn't actually use the openvpn service, it calls the executable directly. You can see check that when you are connected, there is no openvpn service running, and you should be able to see the command line in Networkmanager's status
If your connection name is "c", you can find all the config information by If you google enough about nmcli you can change any of those parameters there, or even through the GUI.
But, not the "verb" level. The networkmanager debugging level controls the verb parameter. I don't know off-hand how the NM levels correspond to openvpn verb levels but the networkmanager has DEBUG, ERR, INFO, OFF, TRACE, WARN. Apparently the default for the domain "VPN_PLUGIN" is OFF which corresponds to --verb 1. INFO appears to be 2, and DEBUG is 5 but that's the most I've played around with it. To set it and not mess with the rest of NM's logging you want
I know this post was ages ago, but since I didn't actually find the answer anywhere else, I though i would share for future googlers.
I just had to piece a lot together myself, but from what I can tell, Networkmanger doesn't actually use the openvpn service, it calls the executable directly. You can see check that when you are connected, there is no openvpn service running, and you should be able to see the command line in Networkmanager's status
Code: Select all
systemctl status networkmanager|grep 'verb'Code: Select all
nmcli connection show cBut, not the "verb" level. The networkmanager debugging level controls the verb parameter. I don't know off-hand how the NM levels correspond to openvpn verb levels but the networkmanager has DEBUG, ERR, INFO, OFF, TRACE, WARN. Apparently the default for the domain "VPN_PLUGIN" is OFF which corresponds to --verb 1. INFO appears to be 2, and DEBUG is 5 but that's the most I've played around with it. To set it and not mess with the rest of NM's logging you want
Code: Select all
sudo nmcli general logging level keep domains VPN_PLUGIN:DEBUG-
shoaibiqbal123
- Level 1
- Posts: 18
- Joined: Thu Nov 25, 2021 5:32 am
Re: network manager openvpn log & verbosity
Troubleshooting OpenVPN issues with Network Manager often involves ensuring the OpenVPN service is active, updating system and Network Manager, checking configuration files and permissions, and ensuring the Network Manager OpenVPN plugin is installed. Restarting Network Manager and verifying firewall and DNS settings can also help. For a smoother experience, many VPN providers, like PureVPN partner program, offer Network Manager integration, simplifying setup and troubleshooting for Linux users. 
Re: network manager openvpn log & verbosity
Following steps can be helpful:
(1)Install OpenVPN and the OpenVPN plugin for the Network Manager. Depending on your distro you may also require the network-manager-openvpn-gnome package.
sudo apt-get install openvpn network-manager-openvpn
(2)Download the "config files" and extract contents to a temporary directory.
(3)Click on the "Network Manager" icon and select Edit connections.
(4)Select one of the .ovpn files you extracted from step 2 representing the server you would like to configure and click Open to import.
(5)The VPN configuration window will open on the VPN tab. Under the Authentication heading update the "Type" to "Password".
(6)Enter your account ID that begins with letters ‘ivpnXXXXXXXX’ or ‘i-XXXX-XXXX-XXXX’ and any password.
(7)Click on the "Network Manager" icon in the toolbar and select the newly configured server under VPN Connections.
(1)Install OpenVPN and the OpenVPN plugin for the Network Manager. Depending on your distro you may also require the network-manager-openvpn-gnome package.
sudo apt-get install openvpn network-manager-openvpn
(2)Download the "config files" and extract contents to a temporary directory.
(3)Click on the "Network Manager" icon and select Edit connections.
(4)Select one of the .ovpn files you extracted from step 2 representing the server you would like to configure and click Open to import.
(5)The VPN configuration window will open on the VPN tab. Under the Authentication heading update the "Type" to "Password".
(6)Enter your account ID that begins with letters ‘ivpnXXXXXXXX’ or ‘i-XXXX-XXXX-XXXX’ and any password.
(7)Click on the "Network Manager" icon in the toolbar and select the newly configured server under VPN Connections.