Cannot connect to my workplace VPN

Hi there, I cannot connect to my workplace VPN. When i try to connect to the VPN i get a timeout message. On Windows everythings works fine. I use the same .ovpn file for Windows and Manjaro KDE.

This is the output from journalctl -f:

Sep 08 14:22:14 PC systemd[1]: NetworkManager-dispatcher.service: Deactivated successfully.
Sep 08 14:22:16 PC systemsettings[2226]: QDBusObjectPath: invalid path ""
Sep 08 14:22:16 PC NetworkManager[737]: <info>  [xxxxxxxxxxxx] vpn[xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx]: starting openvpn
Sep 08 14:22:16 PC NetworkManager[737]: <info>  [xxxxxxxxxxxx] audit: op="connection-activate" uuid="xxxxxxxxxxxxxxxxxxxxxxxxxxxx" name="xxxxxxxxxxxxxxx" pid=xxxxx uid=xxxx result="success"
Sep 08 14:22:16 PC kded6[985]: org.kde.plasma.nm.kded: Unhandled VPN connection state change:  NetworkManager::VpnConnection::NeedAuth
Sep 08 14:22:16 PC kded6[985]: kf.networkmanagerqt: void NetworkManager::ConnectionPrivate::onPropertiesChanged(const QVariantMap&) Unhandled property "VersionId"
Sep 08 14:22:16 PC systemsettings[2226]: kf.networkmanagerqt: void NetworkManager::ConnectionPrivate::onPropertiesChanged(const QVariantMap&) Unhandled property "VersionId"
Sep 08 14:22:16 PC plasmashell[1008]: kf.networkmanagerqt: void NetworkManager::ConnectionPrivate::onPropertiesChanged(const QVariantMap&) Unhandled property "VersionId"
Sep 08 14:22:16 PC kded6[985]: kf.networkmanagerqt: void NetworkManager::ConnectionPrivate::onPropertiesChanged(const QVariantMap&) Unhandled property "VersionId"
Sep 08 14:22:16 PC systemsettings[2226]: kf.networkmanagerqt: void NetworkManager::ConnectionPrivate::onPropertiesChanged(const QVariantMap&) Unhandled property "VersionId"
Sep 08 14:22:16 PC plasmashell[1008]: kf.networkmanagerqt: void NetworkManager::ConnectionPrivate::onPropertiesChanged(const QVariantMap&) Unhandled property "VersionId"
Sep 08 14:22:16 PC kded6[985]: org.kde.plasma.nm.kded: Unhandled VPN connection state change:  NetworkManager::VpnConnection::Connecting
Sep 08 14:22:16 PC nm-openvpn[2723]: Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
Sep 08 14:22:16 PC nm-openvpn[2723]: OpenVPN 2.6.12 [git:makepkg/038a94bae57a446c+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO] built on Jul 18 2024
Sep 08 14:22:16 PC nm-openvpn[2723]: library versions: OpenSSL 3.3.1 4 Jun 2024, LZO 2.10
Sep 08 14:22:16 PC nm-openvpn[2723]: DCO version: N/A
Sep 08 14:22:16 PC nm-openvpn[2723]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Sep 08 14:22:16 PC nm-openvpn[2723]: TCP/UDP: Preserving recently used remote address: [AF_INET6]xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Sep 08 14:22:16 PC nm-openvpn[2723]: UDPv6 link local: (not bound)
Sep 08 14:22:16 PC nm-openvpn[2723]: UDPv6 link remote: [AF_INET6]xxxxxxxxxxxxxxxxxxxxxxxxx
Sep 08 14:22:16 PC nm-openvpn[2723]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Sep 08 14:23:16 PC NetworkManager[737]: <warn>  [xxxxxxxxxxxxxx] vpn[xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx]: connect timeout exceeded
Sep 08 14:23:16 PC nm-openvpn-serv[2717]: Connect timer expired, disconnecting.
Sep 08 14:23:16 PC nm-openvpn[2723]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sep 08 14:23:16 PC nm-openvpn[2723]: TLS Error: TLS handshake failed
Sep 08 14:23:16 PC nm-openvpn[2723]: SIGTERM[hard,] received, process exiting

Openvpn:

OpenVPN 2.6.12 [git:makepkg/038a94bae57a446c+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO] built on Jul 18 2024
library versions: OpenSSL 3.3.1 4 Jun 2024, LZO 2.10

Thanks a lot in advance!

I do not use OpenVPN, and cannot offer any help with your issue.

However, I’ll mention that it likely requires some configuration on your part. Linux isn’t Windows (at the risk of overstating the obvious).

Additional considerations:

  • Perhaps you need to configure your firewall to allow the VPN traffic; OpenVPN will likely have information on that.
  • Did you install the VPN package from a foreign source? OpenVPN is available in the official Manjaro repositories; this package may be more likely to function as expected.
sudo pacman -S openvpn
  • If you are attempting to connect via WiFi, consider a more stable network cable connection to your router (if applicable to your situation)

Please provide the output of:

inxi --admin --verbosity=8 --filter --no-host --width

as this may be helpful for those wishing to offer assistance.


Hi @Hame and welcome to the Manjaro community.

As a new user, please take some time to familiarise yourself with Forum requirements; in particular, the many ways to use the forum to your benefit. To that end, some or all these links will be invaluable:

Last, but not least, the Stable Update Announcements, which you should check frequently for important update related information.

Cheers.

This indicates a certificate based connection.

Is your configuration file configured with the full path to the certificate?

Other than that - it is impossible to guess what the issue could be.

On Windows you use certificate manager to load the certificate into the systems certificate store - that is not how Linux works.

The most common configuration is to provide the full path to the the certificate in question.

man update-ca-trust