Is there any documentation anywhere for the "Edit Network Connection" / VPN dialogue?
Specific questions: - What is "System connection"? - Under IPv4/Basic, what is the difference between "Automatic (VPN)" and "Automatic (VPN) addresses only"
Also, on more than one occasion I've had a connection drop out and been unable to restart it without rebooting the PC - there's presumably something else that I should be able to restart that falls short of a reboot?
On 08 Mar 13:55, Mark Rogers wrote:
Is there any documentation anywhere for the "Edit Network Connection" / VPN dialogue?
Specific questions:
- What is "System connection"?
System rather than User level Network Manager config...
- Under IPv4/Basic, what is the difference between "Automatic (VPN)"
and "Automatic (VPN) addresses only"
The first would be "set my default gateway through the VPN".
The second would be "only add routes to the VPN'd hosts"
Also, on more than one occasion I've had a connection drop out and been unable to restart it without rebooting the PC - there's presumably something else that I should be able to restart that falls short of a reboot?
You can probably just restart network manager.
On 8 March 2013 14:20, Brett Parker iDunno@sommitrealweird.co.uk wrote:
On 08 Mar 13:55, Mark Rogers wrote:
- What is "System connection"?
System rather than User level Network Manager config...
Sorry to be daft but what does that mean in practice?
- Under IPv4/Basic, what is the difference between "Automatic (VPN)"
and "Automatic (VPN) addresses only"
The first would be "set my default gateway through the VPN".
The second would be "only add routes to the VPN'd hosts"
I thought that, but under IPv4/Routes there's "Use only for resources on this connection" which I thought would do that?
Googling suggests this settings has something to do with DNS although I'm none the wiser.
Either way, having just joined a Windows VPN, neither setting gives me routes to addresses on the VPN unless I manually add a route; the subnet mask for the connection is coming up as 255.255.255.255
You can probably just restart network manager.
Unticking "Enable networking", waiting, then reticking it, seems to work too. Although for some reason my DHCP provided DNS settings then went awry.
(Never been a fan of NM but thought I should try it again, never used it under KDE before though.)
On 08/03/13 14:38, Mark Rogers wrote:
On 8 March 2013 14:20, Brett Parker iDunno@sommitrealweird.co.uk wrote:
On 08 Mar 13:55, Mark Rogers wrote:
- What is "System connection"?
System rather than User level Network Manager config...
Sorry to be daft but what does that mean in practice?
User level network manager configs apply to the logged in user only and are only available once that user logs in. So if it was a multi user machine it might make sense if that particular vpn connection is only available to you. User level configs don't require superuser rights to create or amend.
It's essentially the same as unticking the box in windows that says "make this connection available to all users"
- Under IPv4/Basic, what is the difference between "Automatic (VPN)"
and "Automatic (VPN) addresses only"
The first would be "set my default gateway through the VPN".
The second would be "only add routes to the VPN'd hosts"
I thought that, but under IPv4/Routes there's "Use only for resources on this connection" which I thought would do that?
Googling suggests this settings has something to do with DNS although I'm none the wiser.
Either way, having just joined a Windows VPN, neither setting gives me routes to addresses on the VPN unless I manually add a route; the subnet mask for the connection is coming up as 255.255.255.255
That sounds like a misconfiguration at one end or the other, are you sure the VPN endpoints DHCP server is setting those options for other clients....I think if it's working correctly the address only option ignores all the scope options like DNS server etc as well as routing. Where as the "use only for resources on this connection" should set a route for the endpoints subnet but not use that as a default gateway.
Unticking "Enable networking", waiting, then reticking it, seems to work too. Although for some reason my DHCP provided DNS settings then went awry.
Sometimes with PPTP that can be an artefact of consumer level kit (and some not consumer level kit) not dealing with the GRE packets very well. I have encountered routers where once they have routed GRE packets to a particular host they won't work with another until they are rebooted and I have also encountered routers that seem to need the host to refresh itself in the dhcp table before they will route GRE
On 9 March 2013 09:24, Wayne Stallwood ALUGlist@digimatic.co.uk wrote:
User level network manager configs apply to the logged in user only and are only available once that user logs in. So if it was a multi user machine it might make sense if that particular vpn connection is only available to you. User level configs don't require superuser rights to create or amend.
OK, thanks.
So, put simply, it shouldn't make any difference to whether or not I can make a connection reliably, and on a single-user system it doesn't make all that much difference?
(From a security point of view, is making it "system" to prevent anything else playing with it best? I assume that once connected there's no difference to what can use it? Ie if "mark" has a user-level PPTP config and establishes a connection, then "wayne" logs in, I assume "wayne" will still be able to (or even forced to) use the VPN?)
That sounds like a misconfiguration at one end or the other, are you sure the VPN endpoints DHCP server is setting those options for other clients....I think if it's working correctly the address only option ignores all the scope options like DNS server etc as well as routing. Where as the "use only for resources on this connection" should set a route for the endpoints subnet but not use that as a default gateway.
OK, thanks for the tips, I'll experiment and see if I can work it out.
Unticking "Enable networking", waiting, then reticking it, seems to work too. Although for some reason my DHCP provided DNS settings then went awry.
Sometimes with PPTP that can be an artefact of consumer level kit (and some not consumer level kit) not dealing with the GRE packets very well. I have encountered routers where once they have routed GRE packets to a particular host they won't work with another until they are rebooted and I have also encountered routers that seem to need the host to refresh itself in the dhcp table before they will route GRE
That all seems to make sense, but I don't understand how resetting the network at my end may help re-establish connection in his case?
I think the VPN I was connecting to (or not!) was on a Dreytek router.
-
Brett Parker -
Mark Rogers -
Wayne Stallwood