Hey there,
I can’t connect to my universities network with sstp vpn on Manjaro Linux, gnome 45.
I did set up my vpn according to the HowTos on the website of the university. As a workaround, i did set up a VM with Ubuntu and can connect to the university network without any problems.
I’ve found these two threads with the same problem (and the same university…):
I tried setting up the vpn new and reinstalled network-manager-sstp. According to the wiki of my university I only need the T-TeleSec_GlobalRoot_Class_2.pem-Certificate, which is in /etc/ssl/certs/.
In the second thread the user found a workaround with using PPTP instead of SSTP, but that doesn’t work neither on my machine.
[for those who speak german: this is the how to from my university: https://shorturl.at/gFH59 and https://shorturl.at/afS19 , but they are for Ubuntu and Fedora mainly.]
Further details on setup and sstpc-log:
>>> nmcli con up id vpn.uni-tuebingen.de
Error: Connection activation failed: Unknown reason
Hint: use 'journalctl -xe NM_CONNECTION=d0fe4587-0940-41ea-ac89-fb88c5fe4d9e + NM_DEVICE=wlp2s0' to get more details.
>>> journalctl -xe NM_CONNECTION=d0fe4587-0940-41ea-ac89-fb88c5fe4d9e + NM_DEVICE=wlp2s0
Okt 23 16:45:35 matemensch NetworkManager[730]: <info> [1698072335.1826] dhcp4 (wlp2s0): state changed new lease, address=192.168.17.252
Okt 23 16:47:06 matemensch NetworkManager[730]: <info> [1698072426.9406] vpn[0x55c0d4088130,d0fe4587-0940-41ea-ac89-fb88c5fe4d9e,"vpn.uni-tuebingen.de"]: starting sstp
Okt 23 16:47:07 matemensch NetworkManager[730]: <warn> [1698072427.3652] vpn[0x55c0d4088130,d0fe4587-0940-41ea-ac89-fb88c5fe4d9e,"vpn.uni-tuebingen.de"]: dbus: failure: connect-failed (1)
Okt 23 16:49:06 matemensch NetworkManager[730]: <info> [1698072546.1173] vpn[0x55c0d3f7c6a0,d0fe4587-0940-41ea-ac89-fb88c5fe4d9e,"vpn.uni-tuebingen.de"]: starting sstp
Okt 23 16:49:06 matemensch NetworkManager[730]: <warn> [1698072546.6887] vpn[0x55c0d3f7c6a0,d0fe4587-0940-41ea-ac89-fb88c5fe4d9e,"vpn.uni-tuebingen.de"]: dbus: failure: connect-failed (1)
Okt 23 16:50:35 matemensch NetworkManager[730]: <info> [1698072635.1874] dhcp4 (wlp2s0): state changed new lease, address=192.168.17.252
>>> sudo cat /etc/NetworkManager/system-connections/vpn.uni-tuebingen.de.nmconnection
[sudo] password for matemensch:
[connection]
id=vpn.uni-tuebingen.de
uuid=d0fe4587-0940-41ea-ac89-fb88c5fe4d9e
type=vpn
autoconnect=false
permissions=user:matemensch:;
[vpn]
connection-type=password
gateway=vpn.uni-tuebingen.de
ignore-cert-warn=no
lcp-echo-failure=5
lcp-echo-interval=30
password-flags=1
refuse-chap=yes
refuse-eap=no
refuse-mschap=no
refuse-mschapv2=no
refuse-pap=yes
tls-ext=yes
tls-verify-key-usage=no
user=[I've hid it, but it's correct...]
service-type=org.freedesktop.NetworkManager.sstp
[ipv4]
method=auto
[ipv6]
addr-gen-mode=default
method=auto
[proxy]
>>> sudo sstpc --log-level 2 --log-stdout vpn.uni-tuebingen.de
Oct 23 16:52:30 sstpc[11831]: Waiting for sstp-plugin to connect on: //run/sstpc/sstpc-uds-sock
Oct 23 16:52:30 sstpc[11831]: Resolved vpn.uni-tuebingen.de to 134.2.200.209
Oct 23 16:52:30 sstpc[11831]: Connected to vpn.uni-tuebingen.de
Oct 23 16:52:30 sstpc[11831]: SSL certificate verification failed: self-signed certificate in certificate chain (19)
Oct 23 16:52:30 sstpc[11831]: Verification of server certificate failed
**Error: Verification of server certificate failed, (-2)
INXI:
>>> inxi --admin --verbosity=7 --filter --width ✔ 7s
System:
Kernel: 6.1.63-1-MANJARO arch: x86_64 bits: 64 compiler: gcc v: 13.2.1
clocksource: tsc available: acpi_pm
parameters: BOOT_IMAGE=/boot/vmlinuz-6.1-x86_64
root=UUID=61d67336-73e3-49db-888d-7b51a9bab05d rw quiet splash apparmor=1
security=apparmor udev.log_priority=3
Desktop: GNOME v: 45.1 tk: GTK v: 3.24.38 wm: gnome-shell dm: GDM v: 45.0.1
Distro: Manjaro Linux base: Arch Linux
Machine:
Type: Laptop System: Dell product: Precision 3520 v: N/A
serial: <superuser required> Chassis: type: 10 serial: <superuser required>
Mobo: Dell model: N/A serial: <superuser required> UEFI: Dell v: 1.8.1
date: 12/13/2017
Battery:
ID-1: BAT0 charge: 32.4 Wh (70.4%) condition: 46.0/42.9 Wh (107.3%)
volts: 7.6 min: 7.4 model: LGC-LGC8.82 DELL DV9NT type: Li-ion
serial: <filter> status: discharging
Device-1: hidpp_battery_1 model: Logitech M705 serial: <filter> charge: 75%
rechargeable: yes status: discharging
Memory:
System RAM: total: 32 GiB available: 31.23 GiB used: 11 GiB (35.2%)
RAM Report: permissions: Unable to run dmidecode. Root privileges required.
CPU:
Info: model: Intel Core i7-7820HQ bits: 64 type: MT MCP arch: Kaby Lake
gen: core 7 level: v3 note: check built: 2018 process: Intel 14nm family: 6
model-id: 0x9E (158) stepping: 9 microcode: 0xF4
Topology: cpus: 1x cores: 4 tpc: 2 threads: 8 smt: enabled cache:
L1: 256 KiB desc: d-4x32 KiB; i-4x32 KiB L2: 1024 KiB desc: 4x256 KiB
L3: 8 MiB desc: 1x8 MiB
Speed (MHz): avg: 2000 min/max: 800/3900 scaling: driver: intel_pstate
governor: powersave cores: 1: 2000 2: 2000 3: 2000 4: 2000 5: 2000 6: 2000
7: 2000 8: 2000 bogomips: 46419
Flags: 3dnowprefetch abm acpi adx aes aperfmperf apic arat
arch_capabilities arch_perfmon art avx avx2 bmi1 bmi2 bts clflush
clflushopt cmov constant_tsc cpuid cpuid_fault cx16 cx8 de ds_cpl dtes64
dtherm dts epb ept ept_ad erms est f16c flexpriority flush_l1d fma fpu
fsgsbase fxsr ht hwp hwp_act_window hwp_epp hwp_notify ibpb ibrs ida
intel_pt invpcid invpcid_single lahf_lm lm mca mce md_clear mmx monitor
movbe mpx msr mtrr nonstop_tsc nopl nx pae pat pbe pcid pclmulqdq pdcm
pdpe1gb pebs pge pln pni popcnt pse pse36 pti pts rdrand rdseed rdtscp
rep_good sdbg sep smap smep smx ss ssbd sse sse2 sse4_1 sse4_2 ssse3 stibp
syscall tm tm2 tpr_shadow tsc tsc_adjust tsc_deadline_timer vme vmx vnmi
vpid x2apic xgetbv1 xsave xsavec xsaveopt xsaves xtopology xtpr
Vulnerabilities:
Type: gather_data_sampling mitigation: Microcode
Type: itlb_multihit status: KVM: VMX disabled
Type: l1tf mitigation: PTE Inversion; VMX: conditional cache flushes, SMT
vulnerable
Type: mds mitigation: Clear CPU buffers; SMT vulnerable
Type: meltdown mitigation: PTI
Type: mmio_stale_data mitigation: Clear CPU buffers; SMT vulnerable
Type: retbleed mitigation: IBRS
Type: spec_rstack_overflow status: Not affected
Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via
prctl
Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer
sanitization
Type: spectre_v2 mitigation: IBRS, IBPB: conditional, STIBP: conditional,
RSB filling, PBRSB-eIBRS: Not affected
Type: srbds mitigation: Microcode
Type: tsx_async_abort mitigation: TSX disabled
Graphics:
Device-1: Intel HD Graphics 630 vendor: Dell driver: i915 v: kernel
arch: Gen-9.5 process: Intel 14nm built: 2016-20 ports: active: none
off: eDP-1 empty: DP-1, DP-2, HDMI-A-1, HDMI-A-2, HDMI-A-3 bus-ID: 00:02.0
chip-ID: 8086:591b class-ID: 0300
Device-2: NVIDIA GM107GLM [Quadro M620 Mobile] vendor: Dell driver: nvidia
v: 535.129.03 alternate: nouveau,nvidia_drm non-free: 545.xx+ status: current
(as of 2023-11; EOL~2026-12-xx) arch: Maxwell code: GMxxx
process: TSMC 28nm built: 2014-2019 pcie: gen: 1 speed: 2.5 GT/s lanes: 16
link-max: gen: 3 speed: 8 GT/s bus-ID: 01:00.0 chip-ID: 10de:13b4
class-ID: 0302
Device-3: Sunplus Innovation Integrated_Webcam_HD driver: uvcvideo
type: USB rev: 2.0 speed: 480 Mb/s lanes: 1 mode: 2.0 bus-ID: 1-11:3
chip-ID: 1bcf:2b96 class-ID: 0e02
Device-4: DisplayLink USB3.0 Dual Video Dock
driver: cdc_ncm,snd-usb-audio,usbfs type: USB rev: 3.2 speed: 5 Gb/s lanes: 1
mode: 3.2 gen-1x1 bus-ID: 4-1.1:3 chip-ID: 17e9:4307 class-ID: 0a00
serial: <filter>
Display: x11 server: X.org v: 1.21.1.9 with: Xwayland v: 23.2.2
compositor: gnome-shell driver: X: loaded: modesetting,nvidia
unloaded: nouveau alternate: fbdev,nv,vesa dri: iris gpu: evdi,i915
display-ID: :1 screens: 1
Screen-1: 0 s-res: 3600x1080 s-size: <missing: xdpyinfo>
Monitor-1: DVI-I-1 mapped: DVI-I-1-1 pos: primary,left model: Dell E2210
serial: <filter> built: 2011 res: 1680x1050 hz: 60 dpi: 90 gamma: 1.2
size: 473x296mm (18.62x11.65") diag: 558mm (22") ratio: 16:10 modes:
max: 1680x1050 min: 720x400
Monitor-2: DVI-I-2 mapped: DVI-I-2-2 pos: right model: Asus VE248
serial: <filter> built: 2015 res: 1920x1080 hz: 60 dpi: 92 gamma: 1.2
size: 531x299mm (20.91x11.77") diag: 609mm (24") ratio: 16:9 modes:
max: 1920x1080 min: 720x400
Monitor-3: eDP-1 note: disabled model: LG Display 0x0540 built: 2016
res: 1920x1080 dpi: 142 gamma: 1.2 size: 344x194mm (13.54x7.64")
diag: 395mm (15.5") ratio: 16:9 modes: 1920x1080
API: EGL v: 1.5 hw: drv: intel iris drv: nvidia platforms: device: 0
drv: nvidia device: 1 drv: iris device: 3 drv: swrast gbm: drv: iris
surfaceless: drv: nvidia x11: drv: iris inactive: wayland,device-2
API: OpenGL v: 4.6.0 compat-v: 4.5 vendor: intel mesa v: 23.1.9-manjaro1.1
glx-v: 1.4 direct-render: yes renderer: Mesa Intel HD Graphics 630 (KBL GT2)
device-ID: 8086:591b memory: 30.5 GiB unified: yes
Audio:
Device-1: Intel CM238 HD Audio vendor: Dell driver: snd_hda_intel v: kernel
bus-ID: 00:1f.3 chip-ID: 8086:a171 class-ID: 0403
Device-2: DisplayLink USB3.0 Dual Video Dock
driver: cdc_ncm,snd-usb-audio,usbfs type: USB rev: 3.2 speed: 5 Gb/s lanes: 1
mode: 3.2 gen-1x1 bus-ID: 4-1.1:3 chip-ID: 17e9:4307 class-ID: 0a00
serial: <filter>
API: ALSA v: k6.1.63-1-MANJARO status: kernel-api with: aoss
type: oss-emulator tools: alsactl,alsamixer,amixer
Server-1: JACK v: 1.9.22 status: off tools: N/A
Server-2: PipeWire v: 0.3.85 status: off tools: pw-cli
Server-3: PulseAudio v: 16.1 status: active with: pulseaudio-alsa
type: plugin tools: pacat,pactl
Network:
Device-1: Intel Ethernet I219-LM vendor: Dell driver: e1000e v: kernel
port: N/A bus-ID: 00:1f.6 chip-ID: 8086:15e3 class-ID: 0200
IF: enp0s31f6 state: down mac: <filter>
Device-2: Intel Wireless 8265 / 8275 driver: iwlwifi v: kernel pcie: gen: 1
speed: 2.5 GT/s lanes: 1 bus-ID: 02:00.0 chip-ID: 8086:24fd class-ID: 0280
IF: wlp2s0 state: up mac: <filter>
IP v4: <filter> type: dynamic noprefixroute scope: global
broadcast: <filter>
IP v6: <filter> type: noprefixroute scope: link
IF-ID-1: enp60s0u1u1i5 state: down mac: <filter>
WAN IP: <filter>
Bluetooth:
Device-1: Intel Bluetooth wireless interface driver: btusb v: 0.8 type: USB
rev: 2.0 speed: 12 Mb/s lanes: 1 mode: 1.1 bus-ID: 1-6:6 chip-ID: 8087:0a2b
class-ID: e001
Report: rfkill ID: hci0 rfk-id: 6 state: up address: see --recommends
Logical:
Message: No logical block device data found.
RAID:
Message: No RAID data found.
Drives:
Local Storage: total: 476.94 GiB used: 309.1 GiB (64.8%)
SMART Message: Required tool smartctl not installed. Check --recommends
ID-1: /dev/nvme0n1 maj-min: 259:0 vendor: SK Hynix model: PC401 NVMe 512GB
size: 476.94 GiB block-size: physical: 512 B logical: 512 B speed: 31.6 Gb/s
lanes: 4 tech: SSD serial: <filter> fw-rev: 80003E00 temp: 26.9 C
scheme: GPT
Message: No optical or floppy data found.
Partition:
ID-1: / raw-size: 378.4 GiB size: 371.39 GiB (98.15%)
used: 309.08 GiB (83.2%) fs: ext4 dev: /dev/nvme0n1p5 maj-min: 259:5
label: N/A uuid: 61d67336-73e3-49db-888d-7b51a9bab05d
ID-2: /boot/efi raw-size: 100 MiB size: 96 MiB (96.00%)
used: 25.3 MiB (26.4%) fs: vfat dev: /dev/nvme0n1p1 maj-min: 259:1 label: N/A
uuid: 8C9F-B348
Swap:
Alert: No swap data was found.
Unmounted:
ID-1: /dev/nvme0n1p2 maj-min: 259:2 size: 16 MiB fs: <superuser required>
label: N/A uuid: N/A
ID-2: /dev/nvme0n1p3 maj-min: 259:3 size: 97.91 GiB fs: ntfs label: N/A
uuid: 7896A12D96A0ECB6
ID-3: /dev/nvme0n1p4 maj-min: 259:4 size: 525 MiB fs: ntfs label: N/A
uuid: A680014B80012381
USB:
Hub-1: 1-0:1 info: hi-speed hub with single TT ports: 16 rev: 2.0
speed: 480 Mb/s (57.2 MiB/s) lanes: 1 mode: 2.0 chip-ID: 1d6b:0002
class-ID: 0900
Device-1: 1-6:6 info: Intel Bluetooth wireless interface type: bluetooth
driver: btusb interfaces: 2 rev: 2.0 speed: 12 Mb/s (1.4 MiB/s) lanes: 1
mode: 1.1 power: 100mA chip-ID: 8087:0a2b class-ID: e001
Device-2: 1-11:3 info: Sunplus Innovation Integrated_Webcam_HD type: video
driver: uvcvideo interfaces: 2 rev: 2.0 speed: 480 Mb/s (57.2 MiB/s) lanes: 1
mode: 2.0 power: 500mA chip-ID: 1bcf:2b96 class-ID: 0e02
Hub-2: 2-0:1 info: super-speed hub ports: 10 rev: 3.0
speed: 5 Gb/s (596.0 MiB/s) lanes: 1 mode: 3.2 gen-1x1 chip-ID: 1d6b:0003
class-ID: 0900
Hub-3: 3-0:1 info: hi-speed hub with single TT ports: 2 rev: 2.0
speed: 480 Mb/s (57.2 MiB/s) lanes: 1 mode: 2.0 chip-ID: 1d6b:0002
class-ID: 0900
Hub-4: 3-1:2 info: VIA Labs Hub ports: 4 rev: 2.1
speed: 480 Mb/s (57.2 MiB/s) lanes: 1 mode: 2.0 chip-ID: 2109:2811
class-ID: 0900
Hub-5: 3-1.4:3 info: Terminus Hub ports: 4 rev: 2.0
speed: 480 Mb/s (57.2 MiB/s) lanes: 1 mode: 2.0 power: 100mA
chip-ID: 1a40:0101 class-ID: 0900
Device-1: 3-1.4.1:4 info: Logitech Unifying Receiver
type: keyboard,mouse,HID driver: logitech-djreceiver,usbhid interfaces: 3
rev: 2.0 speed: 12 Mb/s (1.4 MiB/s) lanes: 1 mode: 1.1 power: 98mA
chip-ID: 046d:c52b class-ID: 0300
Device-2: 3-1.4.2:5 info: CHERRY Keyboard type: keyboard,HID
driver: cherry,usbhid interfaces: 2 rev: 2.0 speed: 1.5 Mb/s (183 KiB/s)
lanes: 1 mode: 1.0 power: 100mA chip-ID: 046a:0023 class-ID: 0300
Hub-6: 4-0:1 info: super-speed hub ports: 2 rev: 3.1
speed: 10 Gb/s (1.16 GiB/s) lanes: 1 mode: 3.2 gen-2x1 chip-ID: 1d6b:0003
class-ID: 0900
Hub-7: 4-1:2 info: VIA Labs Hub ports: 4 rev: 3.0
speed: 5 Gb/s (596.0 MiB/s) lanes: 1 mode: 3.2 gen-1x1 chip-ID: 2109:8110
class-ID: 0900
Device-1: 4-1.1:3 info: DisplayLink USB3.0 Dual Video Dock
type: audio,communication,CDC-data driver: cdc_ncm,snd-usb-audio,usbfs
interfaces: 7 rev: 3.2 speed: 5 Gb/s (596.0 MiB/s) lanes: 1
mode: 3.2 gen-1x1 power: 8mA chip-ID: 17e9:4307 class-ID: 0a00
serial: <filter>
Sensors:
System Temperatures: cpu: 48.0 C pch: 51.0 C mobo: 39.0 C sodimm: SODIMM C
Fan Speeds (rpm): cpu: 2270
Info:
Processes: 335 Uptime: 23h 6m wakeups: 2 Init: systemd v: 254
default: graphical tool: systemctl Compilers: gcc: 13.2.1 clang: 16.0.6
Packages: pm: pacman pkgs: 1733 libs: 406
tools: gnome-software,pacaur,pamac,yay pm: flatpak pkgs: 0 Shell: Zsh v: 5.9
running-in: gnome-terminal inxi: 3.3.31
Hope that’s enough information for now, thank you for your help <3