Can´t connect to vpn after update

Hi there!

Since the last one or two updates when I try to connect to my universities network via vpn the connection failes with the error message “Necessary secrets for the VPN connection ‘Uni’ were not provided.”. I am using the built in network manager GUI on a KDE plasma setup. The connection worked fine before, it works under my windows boot and it worked on my laptop (manjaro KDE also) before I performed a system update, since the update the same error occurs. Wifi on the Laptop works, just vpn is messed up.

How can I fix this?

Thank you all in advance!

When looking for solutions I found a post in a gentoo forum which stated that changing/adding polkit rules could fix the problem. (https://forums.gentoo.org/viewtopic-t-1040060-start-0.html)
Since changing these rules seems to mess with system files I hesitate to try this without checking back.

inxi --admin --verbosity=7 --filter --width
System:
  Kernel: 5.10.124-1-MANJARO arch: x86_64 bits: 64 compiler: gcc v: 12.1.0
    parameters: BOOT_IMAGE=/boot/vmlinuz-5.10-x86_64
    root=UUID=7faeb08f-af2c-4a51-8634-b4a54fb3df32 rw quiet apparmor=1
    security=apparmor resume=UUID=c2f1a4ab-a53e-45fa-8bf0-faf32d472c3f
    udev.log_priority=3
  Desktop: KDE Plasma v: 5.24.5 tk: Qt v: 5.15.5 wm: kwin_x11 vt: 1 dm: SDDM
    Distro: Manjaro Linux base: Arch Linux
Machine:
  Type: Desktop System: ASUS product: N/A v: N/A serial: <superuser required>
  Mobo: ASUSTeK model: PRIME Z590-V v: Rev 1.xx serial: <superuser required>
    UEFI: American Megatrends v: 1017 date: 07/12/2021
Battery:
  Message: No system battery data found. Is one present?
Memory:
  RAM: total: 15.47 GiB used: 3.22 GiB (20.8%)
  RAM Report:
    permissions: Unable to run dmidecode. Root privileges required.
CPU:
  Info: model: 11th Gen Intel Core i7-11700KF bits: 64 type: MT MCP
    arch: Rocket Lake gen: core 11 built: 2021+ process: Intel 14nm family: 6
    model-id: 0xA7 (167) stepping: 1 microcode: 0x53
  Topology: cpus: 1x cores: 8 tpc: 2 threads: 16 smt: enabled cache:
    L1: 640 KiB desc: d-8x48 KiB; i-8x32 KiB L2: 4 MiB desc: 8x512 KiB
    L3: 16 MiB desc: 1x16 MiB
  Speed (MHz): avg: 4802 high: 4892 min/max: 800/4900:5000 scaling:
    driver: intel_pstate governor: powersave cores: 1: 4842 2: 4724 3: 4690
    4: 4794 5: 4710 6: 4745 7: 4875 8: 4866 9: 4710 10: 4881 11: 4825 12: 4862
    13: 4877 14: 4782 15: 4892 16: 4760 bogomips: 115232
  Flags: 3dnowprefetch abm acpi adx aes aperfmperf apic arat
    arch_capabilities arch_perfmon art avx avx2 avx512_bitalg avx512_vbmi2
    avx512_vnni avx512_vpopcntdq avx512bw avx512cd avx512dq avx512f avx512ifma
    avx512vbmi avx512vl bmi1 bmi2 bts clflush clflushopt cmov constant_tsc
    cpuid cpuid_fault cx16 cx8 de ds_cpl dtes64 dtherm dts epb erms est f16c
    flush_l1d fma fpu fsgsbase fsrm fxsr gfni ht hwp hwp_act_window hwp_epp
    hwp_notify hwp_pkg_req ibpb ibrs ibrs_enhanced ida intel_pt invpcid
    invpcid_single lahf_lm lm mca mce md_clear mmx monitor movbe mpx msr mtrr
    nonstop_tsc nopl nx ospke pae pat pbe pcid pclmulqdq pdcm pdpe1gb pebs pge
    pku pln pni popcnt pse pse36 pts rdpid rdrand rdseed rdtscp rep_good sdbg
    sep sha_ni smap smep ss ssbd sse sse2 sse4_1 sse4_2 ssse3 stibp syscall tm
    tm2 tsc tsc_adjust tsc_deadline_timer tsc_known_freq umip vaes vme
    vpclmulqdq x2apic xgetbv1 xsave xsavec xsaveopt xsaves xtopology xtpr
  Vulnerabilities:
  Type: itlb_multihit status: Not affected
  Type: l1tf status: Not affected
  Type: mds status: Not affected
  Type: meltdown status: Not affected
  Type: mmio_stale_data mitigation: Clear CPU buffers; SMT vulnerable
  Type: spec_store_bypass
    mitigation: Speculative Store Bypass disabled via prctl and seccomp
  Type: spectre_v1
    mitigation: usercopy/swapgs barriers and __user pointer sanitization
  Type: spectre_v2 status: Vulnerable: eIBRS with unprivileged eBPF
  Type: srbds status: Not affected
  Type: tsx_async_abort status: Not affected
Graphics:
  Device-1: NVIDIA GP104 [GeForce GTX 1080] vendor: ASUSTeK driver: nvidia
    v: 515.48.07 alternate: nouveau,nvidia_drm non-free: 515.xx+
    status: current (as of 2022-06) arch: Pascal process: TSMC 16nm
    built: 2016-21 pcie: gen: 3 speed: 8 GT/s lanes: 16 bus-ID: 01:00.0
    chip-ID: 10de:1b80 class-ID: 0300
  Display: x11 server: X.Org v: 21.1.3 compositor: kwin_x11 driver: X:
    loaded: nvidia gpu: nvidia display-ID: :0 screens: 1
  Screen-1: 0 s-res: 3840x1080 s-dpi: 94 s-size: 1038x292mm (40.87x11.50")
    s-diag: 1078mm (42.45")
  Monitor-1: DVI-D-0 pos: primary,left res: 1920x1080 hz: 60 dpi: 102
    size: 477x268mm (18.78x10.55") diag: 547mm (21.54") modes: N/A
  Monitor-2: HDMI-1 pos: right res: 1920x1080 hz: 60 dpi: 305
    size: 160x90mm (6.3x3.54") diag: 184mm (7.23") modes: N/A
  OpenGL: renderer: NVIDIA GeForce GTX 1080/PCIe/SSE2
    v: 4.6.0 NVIDIA 515.48.07 direct render: Yes
Audio:
  Device-1: Intel Tiger Lake-H HD Audio vendor: ASUSTeK driver: snd_hda_intel
    bus-ID: 1-10.1:6 v: kernel chip-ID: 046d:0a5b alternate: snd_sof_pci
    class-ID: 0300 bus-ID: 00:1f.3 chip-ID: 8086:43c8 class-ID: 0403
  Device-2: NVIDIA GP104 High Definition Audio vendor: ASUSTeK
    driver: snd_hda_intel v: kernel pcie: gen: 3 speed: 8 GT/s lanes: 16
    bus-ID: 01:00.1 chip-ID: 10de:10f0 class-ID: 0403
  Device-3: Logitech G933 Wireless Headset Dongle type: USB
    driver: hid-generic,snd-usb-audio,usbhid
  Sound Server-1: ALSA v: k5.10.124-1-MANJARO running: yes
  Sound Server-2: JACK v: 0.125.0 running: no
  Sound Server-3: PulseAudio v: 16.1 running: yes
  Sound Server-4: PipeWire v: 0.3.52 running: yes
Network:
  Device-1: Intel Ethernet I219-V vendor: ASUSTeK driver: e1000e v: kernel
    port: N/A bus-ID: 00:1f.6 chip-ID: 8086:15fa class-ID: 0200
  IF: eno1 state: up speed: 1000 Mbps duplex: full mac: <filter>
  IP v4: <filter> type: dynamic noprefixroute scope: global
    broadcast: <filter>
  IP v6: <filter> type: dynamic noprefixroute scope: global
  IP v6: <filter> type: dynamic noprefixroute scope: global
  IP v6: <filter> type: noprefixroute scope: link
  WAN IP: <filter>
Bluetooth:
  Message: No bluetooth data found.
Logical:
  Message: No logical block device data found.
RAID:
  Message: No RAID data found.
Drives:
  Local Storage: total: 3.02 TiB used: 279.23 GiB (9.0%)
  SMART Message: Unable to run smartctl. Root privileges required.
  ID-1: /dev/nvme0n1 maj-min: 259:0 vendor: Samsung model: SSD 980 500GB
    size: 465.76 GiB block-size: physical: 512 B logical: 512 B speed: 31.6 Gb/s
    lanes: 4 type: SSD serial: <filter> rev: 1B4QFXO7 temp: 33.9 C scheme: GPT
  ID-2: /dev/sda maj-min: 8:0 vendor: Seagate model: ST3320620AS
    size: 298.09 GiB block-size: physical: 512 B logical: 512 B speed: 1.5 Gb/s
    type: N/A serial: <filter> rev: K scheme: MBR
  ID-3: /dev/sdb maj-min: 8:16 vendor: Western Digital
    model: WD20EZRX-00D8PB0 size: 1.82 TiB block-size: physical: 4096 B
    logical: 512 B speed: 6.0 Gb/s type: HDD rpm: 5400 serial: <filter>
    rev: 0A80 scheme: MBR
  ID-4: /dev/sdc maj-min: 8:32 vendor: Samsung model: SSD 850 EVO 500GB
    size: 465.76 GiB block-size: physical: 512 B logical: 512 B speed: 6.0 Gb/s
    type: SSD serial: <filter> rev: 2B6Q scheme: GPT
  Message: No optical or floppy data found.
Partition:
  ID-1: / raw-size: 448.44 GiB size: 440.33 GiB (98.19%)
    used: 279.21 GiB (63.4%) fs: ext4 dev: /dev/nvme0n1p2 maj-min: 259:2
    label: N/A uuid: 7faeb08f-af2c-4a51-8634-b4a54fb3df32
  ID-2: /boot/efi raw-size: 300 MiB size: 299.4 MiB (99.80%)
    used: 25.5 MiB (8.5%) fs: vfat dev: /dev/nvme0n1p1 maj-min: 259:1
    label: NO_LABEL uuid: 2AA2-EB9C
Swap:
  Kernel: swappiness: 60 (default) cache-pressure: 100 (default)
  ID-1: swap-1 type: partition size: 17.02 GiB used: 0 KiB (0.0%)
    priority: -2 dev: /dev/nvme0n1p3 maj-min: 259:3 label: N/A
    uuid: c2f1a4ab-a53e-45fa-8bf0-faf32d472c3f
Unmounted:
  ID-1: /dev/sda1 maj-min: 8:1 size: 298.09 GiB fs: ntfs label: Volume
    uuid: F048F96248F9284C
  ID-2: /dev/sdb1 maj-min: 8:17 size: 1.82 TiB fs: ntfs label: Big Mamma
    uuid: A8A44F08A44ED888
  ID-3: /dev/sdc1 maj-min: 8:33 size: 16 MiB fs: <superuser required>
    label: N/A uuid: N/A
  ID-4: /dev/sdc2 maj-min: 8:34 size: 146.47 GiB fs: ntfs label: N/A
    uuid: 06D401D6D401C93F
  ID-5: /dev/sdc3 maj-min: 8:35 size: 319.28 GiB fs: ntfs label: Steam
    uuid: A022764E22762984
USB:
  Hub-1: 1-0:1 info: Hi-speed hub with single TT ports: 16 rev: 2.0
    speed: 480 Mb/s chip-ID: 1d6b:0002 class-ID: 0900
  Hub-2: 1-3:2 info: VIA Labs VL813 Hub ports: 4 rev: 2.1 speed: 480 Mb/s
    chip-ID: 2109:2813 class-ID: 0900
  Hub-3: 1-3.1:4 info: VIA Labs VL813 Hub ports: 4 rev: 2.1 speed: 480 Mb/s
    chip-ID: 2109:2813 class-ID: 0900
  Hub-4: 1-10:3 info: Genesys Logic Hub ports: 4 rev: 2.0 speed: 480 Mb/s
    power: 100mA chip-ID: 05e3:0608 class-ID: 0900
  Device-1: 1-10.1:6 info: Logitech G933 Wireless Headset Dongle
    type: Audio,HID driver: hid-generic,snd-usb-audio,usbhid interfaces: 4
    rev: 1.1 speed: 12 Mb/s power: 100mA chip-ID: 046d:0a5b class-ID: 0300
  Device-2: 1-11:5 info: Razer USA Cynosa Chroma type: Keyboard,Mouse
    driver: hid-generic,usbhid interfaces: 3 rev: 2.0 speed: 12 Mb/s
    power: 500mA chip-ID: 1532:022a class-ID: 0300
  Device-3: 1-12:7 info: Sunplus Innovation SmartMouse type: Keyboard,Mouse
    driver: hid-generic,usbhid interfaces: 2 rev: 2.0 speed: 12 Mb/s
    power: 100mA chip-ID: 1bcf:0824 class-ID: 0301
  Device-4: 1-13:8 info: ASUSTek AURA LED Controller type: HID
    driver: hid-generic,usbhid interfaces: 2 rev: 2.0 speed: 12 Mb/s power: 16mA
    chip-ID: 0b05:19af class-ID: 0300 serial: <filter>
  Hub-5: 2-0:1 info: Super-speed hub ports: 9 rev: 3.1 speed: 10 Gb/s
    chip-ID: 1d6b:0003 class-ID: 0900
  Hub-6: 2-3:2 info: VIA Labs VL813 Hub ports: 4 rev: 3.0 speed: 5 Gb/s
    chip-ID: 2109:0813 class-ID: 0900
  Hub-7: 2-3.1:3 info: VIA Labs VL813 Hub ports: 4 rev: 3.0 speed: 5 Gb/s
    chip-ID: 2109:0813 class-ID: 0900
Sensors:
  System Temperatures: cpu: 36.0 C mobo: N/A gpu: nvidia temp: 36 C
  Fan Speeds (RPM): N/A gpu: nvidia fan: 0%
Info:
  Processes: 310 Uptime: 31m wakeups: 0 Init: systemd v: 251
  default: graphical tool: systemctl Compilers: gcc: 12.1.0 clang: 13.0.1
  Packages: pacman: 1320 lib: 385 flatpak: 0 Shell: Bash v: 5.1.16
  running-in: konsole inxi: 3.3.19

Hi there!

I ran into the same problem a few weeks ago. I haven’t found a solution to it yet. I hoped it would fix itself with the latest updates but that’s not the case.

Just wanted to push this topic up again.

Hi!

I’m glad to hear I’m not the only one with this problem. Update did nothing for me too, hope to find a solution soon though. I’m currently using my windows boot whenever I need a vpn and that just sucks -.-

… there are zero facts pertaining to the (initial) setup of the vpn here
what made it work initially
how it is configured
how it is supposed to be configured - there surely are some guides/instructions
which helped you to set it up?

perhaps just starting from scratch
(deleting the connection and re-create it again, since it doesn’t work anyway …)
could provide some clues for others to help you

something is missing, apparently

How do you know it is not missing
(thus the message is not factual) -
and it should be working?

Hi,
I don’t know if it’s the same problem, but since netmanager and libnm upgrades from version 1.34.0-1 to the next, I can connect with VPN via cable but not via WiFi. I use Forticlient and I was using WiFi until that upgrade.
I have made downgrade to 1.34.0-1 so I can keep using WiFi.

I am using a vpn (sstp) via the KDE Network manager GUI.
Configuration consists of the Gateway adress of my university as well as my username and password for my uni account. The only other settings I altered are in the Point-to-Point Window - see the screenshot below.
I used the exact same settings when it was working previously so I would assume that it is supposed to work now as well. It also worked on my Laptop right before I updated my system, so I figured the error occurs on the basis of some change that came with the update.
My laptop uses wireless, my pc uses lan, so it’s not the internet connection I guess.

Screenshot_20220704_210625434×720 29.5 KB

Good point. Of course I tried deleting the vpn and set it up fresh, but that didn´t change anything, the same error message occurs. Should have mentioned that above.

Yep, some “secret” seems to be missing, and it very well might be. I don´t have a clue what it could be though. As I mentioned, the connection worked fine previously - without any additional info.

I get that - and it’s odd. Yes.
It worked - and now it doesn’t.

But something must have changed
else it would still be working.

Maybe reinstall/rebuild it?
I do not know this software - nor how it is installed to your system.

What about their instructions on how to set it up?

how?

what was involved in getting it to work?

What changed is exactly what I am trying to figure out. Nothing changed on the requirements of my uni, the setup instructions are still the same. Therefore it has to do with my system. Obviously network management needs additional info. Is there a way for me to find out what is needed? The error message doesn’t give me any more than “secrets”. I am somewhat new to linux and don´t know how to dig deeper. Can you provide assistance on that?

probably not
But I tried to hint at telling us about the requirements
the setup instructions you followed
which they gave you as a guidance.

You had them - we don’t

Not sure what you want to know in addition to what I wrote above, so here it goes.
I use “system settings” - “connections” - “add new connection” - under vpn I select "secure socket tunneling protocol (sstp). I give it a name, fill in the gateway, my username and password and check the boxes in the “advanced”-tab shown in the screenshot.

Well, good point again. I finally get that you want to know about the instructions
They are in german, so a screenshot wouldn´t help, I guess. This would be the translation:

1. install network-manager-sstp package - done that
2. use sstp-plugin for network manager
3. name it, provide gateway, provide username and password
4. under “advanced” do the following:

• authentication: mscapv2
• allow bsd data compression
• allow deflate data compression
• allow tcp-header compression
• send PPP-echo packets
• deactivate mppe encryption

It actually could - or, even better, a link to them.
I’m german.
and many others understand it, too.

Well, then here it goes: https://bit.ly/3yGiFIU

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 61FF9694161CE595
sudo echo "deb http://ppa.launchpad.net/eivnaes/network-manager-sstp/ubuntu eoan
main" > /etc/apt/sources.list.d/sstp-client.list
sudo echo "deb-src http://ppa.launchpad.net/eivnaes/network-manager-sstp/ubuntu eoan
main" >> /etc/apt/sources.list.d/sstp-client.list
sudo apt update
sudo apt install network-manager-sstp network-manager-sstp-gnome sstp-client

and what did you do instead?
to make all this happen?
because none of this works
on Arch based systems

You’ll have to “translate” those instructions to suite an Arch system.

This was a while ago but iirc I just did

sudo pacman -S network-manager-sstp

I think I might have skipped the first steps and jumped straight to the installation. Since the connection worked, I never worried about the first instructions
What do they do?

it appears that they get the keys

and put them somewhere

… the keys that you are now (apparently) missing

… re trace your initial steps, perhaps
to know what you did

if it was terminal commands
the
history
command
might still have it/show it - depending on how far it goes back

Hm. Makes sense. Although I read this page a thousand times, I never realized that the keys could be missing Thank you for pointing that out!
Is it possible, that the keys got somehow lost during the last update?

if it was terminal commands
the
history
command
might still have it/show it - depending on how far it goes back

It goes back ages, the recent history won´t show that. Is there a way to check which keys are missing/installed? I never had to deal with keys manually, they were always installed during the system upgrades, but there have to be arch-pendants for the ubuntu-keys mentioned in the instructions, right?

You likely installed that one:
https://aur.archlinux.org/packages/network-manager-sstp-gtk4

It is an AUR package - and may need to be rebuilt
after a system update
which changes the underlying libraries …

of course
if you know what the command does
(where the files are put)
then you can also do it on Arch.

Why not ask them?
Who wrote the instructions for Debian/Ubuntu based systems …
they know how it works - what needs to be where …

Why not ask them?
Who wrote the instructions for Debian/Ubuntu based systems …
they know how it works - what needs to be where …

I’ll try to reach one of them tomorrow. Not sure if they can actually help though. Nevertheless worth a try!

I’ll also try to reinstall the network-manager-sstp package and check if I can find out which keys are missing.

Thank you for your help so far! I will update this post if something new comes up.

Checked which one is installed, it’s that one: https://gitlab.gnome.org/GNOME/network-manager-sstp

Also reinstallation of the package didn’t do anything so far. Will continue to pursue this the next days.