Fedora Linux Support Community & Resources Center
  #1  
Old 16th February 2012, 04:33 AM
BrassDude Offline
Registered User
 
Join Date: Feb 2012
Location: Switzerland
Posts: 3
windows_7firefox
Remotely starting a VPN connection does not work

Hi,

I've installed Fedora 16 on my desktop machine and set up a VPN connection in the NetworkManager. When I'm sitting at my desktop I can easily start the VPN connection (I've saved the password). Also from the command line using the nmcli command works straight forward.

But when I'm remotely logged-in via ssh (e.g. from my laptop at home) I can't start the VPN connection on my desktop. I get:

$> nmcli con up id "My VPN Connection"
Error: Connection activation failed: Not authorized to control networking.

Why does it only work when I'm sitting at my desktop and not remotely? Is there something I need to set? Thanks for your help.
Reply With Quote
  #2  
Old 28th February 2012, 02:36 AM
BrassDude Offline
Registered User
 
Join Date: Feb 2012
Location: Switzerland
Posts: 3
windows_7firefox
Re: Remotely starting a VPN connection does not work

Hmm - so nobody has an idea what is going on here? Even the slightest tip or hint would be greatly appreciated. Thanks.
Reply With Quote
  #3  
Old 28th February 2012, 03:13 AM
beaker_ Offline
Registered User
 
Join Date: Nov 2008
Location: Canada
Posts: 2,349
unknownsafari
Re: Remotely starting a VPN connection does not work

Nope.., not a cluie. Both openvpn --config xyz and systemctl work here so... not enough info.
Reply With Quote
  #4  
Old 28th February 2012, 03:33 AM
smr54 Online
Registered User
 
Join Date: Jan 2010
Posts: 5,481
linuxchrome
Re: Remotely starting a VPN connection does not work

Might be a firewall, might be SELinux, might be something in the vpn configuration.

What type of VPN switch are you using--that is, are you connecting to a Cisco switch, an MS VPN server, OpenVPN server?

If it's a Cisco vpn server, then I'd just recommend using vpnc rather than the NM client. If it's not Cisco, then I really don't know.
Reply With Quote
  #5  
Old 28th February 2012, 08:58 PM
beaker_ Offline
Registered User
 
Join Date: Nov 2008
Location: Canada
Posts: 2,349
linuxfirefox
Re: Remotely starting a VPN connection does not work

Ok... Crash course in polkit for ya:

At the terminal:
Code:
su
$ pkaction |grep NetworkManager
 org.freedesktop.NetworkManager.enable-disable-network
 org.freedesktop.NetworkManager.enable-disable-wifi
 org.freedesktop.NetworkManager.enable-disable-wimax
 org.freedesktop.NetworkManager.enable-disable-wwan
 org.freedesktop.NetworkManager.network-control
 org.freedesktop.NetworkManager.settings.modify.hostname
 org.freedesktop.NetworkManager.settings.modify.own
 org.freedesktop.NetworkManager.settings.modify.system
 org.freedesktop.NetworkManager.sleep-wake
 org.freedesktop.NetworkManager.wifi.share.open
 org.freedesktop.NetworkManager.wifi.share.protected

$ pkaction --action-id org.freedesktop.NetworkManager.network-control --verbose
  description:       Allow control of network connections
  message:           System policy prevents control of network connections
  vendor:            NetworkManager
  vendor_url:        http://www.gnome.org/projects/NetworkManager
  icon:              nm-icon
  implicit any:      no
  implicit inactive: yes
  implicit active:   yes
So write your own policy. For example:
/etc/polkit-1/localauthority/90-mandatory.d/90-my.thinly.checked.pkla
Code:
[Network Manager - Control... haha]
Identity=unix-user:Beaker
Action=org.freedesktop.NetworkManager.network-control
ResultAny=yes
ResultInactive=yes
ResultActive=yes
Brush up on your polkit and convince your self it works as desired because, well.., you don't want to screw up your network connection 100miles away.

Now the loaded question is; why are you relying on network manager as opposed to a service?
Reply With Quote
  #6  
Old 28th February 2012, 09:52 PM
jpollard Online
Registered User
 
Join Date: Aug 2009
Location: Waldorf, Maryland
Posts: 6,790
linuxfirefox
Re: Remotely starting a VPN connection does not work

Can't tell from here (haven't needed VPN yet), but I have run across other problems - some VPNs require the network access to to other systems to be cut off. A local user is not cut off as they are "local" a ssh session, on the other hand, is remote - and if the VPN successfully started you would be cut off from the system.
Reply With Quote
  #7  
Old 6th March 2012, 06:35 AM
BrassDude Offline
Registered User
 
Join Date: Feb 2012
Location: Switzerland
Posts: 3
windows_7firefox
Re: Remotely starting a VPN connection does not work

Thanks Beaker - your tweak by adding your code snippet in a file under /etc/polkit-1/localauthority/90-mandatory.d/ did it for me. I can now start the VPN client remotely. Not yet quite clear to me what I really did - have to read more on how the PolicyKit works. But thanks anyway.
Reply With Quote
Reply

Tags
connection, remotely, starting, vpn, work

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
DBUS remotely connection masch Programming & Packaging 2 6th August 2008 04:30 PM
Proper way to setup webmaster to work on his webpages remotely pjviitas Using Fedora 10 10th November 2006 12:23 AM
postgresql connection remotely? Secret Agent Using Fedora 1 10th January 2006 07:06 PM


Current GMT-time: 03:46 (Friday, 01-08-2014)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive
logo

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.

Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

FedoraForum is Powered by RedHat