Manjaro with VPN

Question: is Manjaro compatible with VPN feature at all?

I have tried KDE, Gnome, and currently moved to Xfce, all latest ofc, and all of them are giving me issues when it comes to connecting to a Openconnect VPN. The latest, Xfce, is far least showing up this problem, but the problem exists:

Whenever I trigger VPN connect, the UI get's completely unresponsive (on Xfce this is randomly happening, while on other desktops this was a constant) for a few seconds - cannot click on anything, and only the mouse stays responsive (cannot click on anything though).

On the previous thread I was asked for pc specs, so sharing them here:

Summary

ystem: Host: draak Kernel: 5.2.11-1-MANJARO x86_64 bits: 64 compiler: gcc v: 9.1.0 Desktop: Xfce 4.14.1 tk: Gtk 3.24.10
info: xfce4-panel wm: xfwm4 dm: LightDM 1.30.0 Distro: Manjaro Linux
Machine: Type: Laptop System: HP product: HP EliteBook 840 G5 v: N/A serial: Chassis: type: 10 serial:
Mobo: HP model: 83B2 v: KBC Version 04.50.00 serial: UEFI: HP v: Q78 Ver. 01.01.07 date: 06/05/2018
Battery: ID-1: BAT0 charge: 48.8 Wh condition: 48.8/48.8 Wh (100%) volts: 13.0/11.6 model: Hewlett-Packard Primary
type: Li-ion serial: status: Full
CPU: Topology: Quad Core model: Intel Core i5-8250U bits: 64 type: MT MCP arch: Kaby Lake rev: A L2 cache: 6144 KiB
flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx bogomips: 28808
Speed: 700 MHz min/max: 400/3400 MHz Core speeds (MHz): 1: 700 2: 700 3: 700 4: 700 5: 700 6: 700 7: 700 8: 700
Graphics: Device-1: Intel UHD Graphics 620 vendor: Hewlett-Packard driver: i915 v: kernel bus ID: 00:02.0 chip ID: 8086:5917
Display: x11 server: X.Org 1.20.5 driver: intel unloaded: modesetting alternate: fbdev,vesa
resolution: 1600x900~60Hz, 1920x1080~60Hz
OpenGL: renderer: Mesa DRI Intel UHD Graphics 620 (Kabylake GT2) v: 4.5 Mesa 19.1.5 compat-v: 3.0
direct render: Yes
Audio: Device-1: Intel Sunrise Point-LP HD Audio vendor: Hewlett-Packard driver: snd_hda_intel v: kernel bus ID: 00:1f.3
chip ID: 8086:9d71
Device-2: Logitech 960 Headset type: USB driver: hid-generic,snd-usb-audio,usbhid bus ID: 1-2:3 chip ID: 046d:0a45
Device-3: XMOS type: USB driver: snd-usb-audio bus ID: 1-1.1:4 chip ID: 20b1:301f serial:
Sound Server: ALSA v: k5.2.11-1-MANJARO
Network: Device-1: Intel Ethernet I219-V vendor: Hewlett-Packard driver: e1000e v: 3.2.6-k port: efa0 bus ID: 00:1f.6
chip ID: 8086:15d8
IF: enp0s31f6 state: down mac:
Device-2: Intel Wireless 8265 / 8275 driver: iwlwifi v: kernel port: efa0 bus ID: 01:00.0 chip ID: 8086:24fd
IF: wlp1s0 state: up mac:
IF-ID-1: vpn0 state: down mac: N/A
Drives: Local Storage: total: 238.47 GiB used: 62.19 GiB (26.1%)
ID-1: /dev/sda vendor: Micron model: MTFDDAV256TBN-1AR15ABHA size: 238.47 GiB speed: 6.0 Gb/s serial:
rev: 0T14 scheme: GPT
Partition: ID-1: / size: 81.48 GiB used: 7.37 GiB (9.0%) fs: ext4 dev: /dev/sda2
ID-2: swap-1 size: 19.53 GiB used: 0 KiB (0.0%) fs: swap dev: /dev/sda4
Sensors: System Temperatures: cpu: 52.0 C mobo: 43.0 C
Fan Speeds (RPM): N/A
Info: Processes: 236 Uptime: 51m Memory: 15.52 GiB used: 2.39 GiB (15.4%) Init: systemd v: 242 Compilers: gcc: 9.1.0
Shell: bash v: 5.0.9 running in: xfce4-terminal inxi: 3.0.36
xfce.desktop
2019-10-09

Most VPN requires the users interaction - a set-and-forget VPN does not exist.

Some VPNs leaks DNS (often ipv6) - I have not tested any and all VPN providers - but I have found that NordVPN (despite some users experience - see the AUR page) works flawless.

There is no GUI to clutter - just build the package from AUR - start the service and use a terminal to connect.

I am slightly impressed by the absence of errors using that particular service.

My guide to using NordVPN may be a little dated but I think it is still viable (the removal of NordVPN may be out-dated - I have not had to uninstall it to solve issues).

Thing is, I specifically require cisco vpn for work stuff

There is a quite a few packages for Cisco available in AUR - but the use and configuration of those - I have no idea.

A good way of trouble shooting is to launch the connection using CLI - which will provide a lot more info on the connection that a GUI.

Thanks. Will try them out

There is packages in the official repo for use with Network Manager.

As you say your system goes cold when trying to connect - my guess is a configuration issue.

And as there is a package for Network Manager interfacing to openconnect and Network Manager is the default on Manjaro there may be bugs in Network Manager (not the first time - errors in Network Manager)

I see the network manager getting stuck on this. Doing a reboot showed me a deadlocked Network Manager service.

All of the openconnect packages are installed.

I was afraid of that - and I have no answers for you ...

Back to ubuntu then :frowning:

Enjoy ...

OpenVPN works very well for me on Manjaro Mate.


But use the Pamac package manager instead of apt.

1 Like

I also use proton and the proton-cli from AUR. No issues on my end so far. They even have a free plan if you don't use it for Netflix/p2p stuff. And sweet free encrypted email. And before you ask, yes I'm cheap.

1 Like

To troubleshoot, best thing to do is running some commands through cli, with -v or -vv
https://wiki.archlinux.org/index.php/OpenConnecthttps://wiki.archlinux.org/index.php/OpenConnect

Seriously people read the posters FIRST POST. They are asking about OPENCONNECT. This is a SSL VPN client that works with Cisco, Juniper, etc... VPN servers, as they have stated they use it for work. They aren't looking for a vpn service that works with other protocols.

openconnect should work. Their website is located here:

https://www.infradead.org/openconnect/index.html

This above website goes into the specifics of setting it up and getting it to work. Do you have vpnc-script installed as well?

You will want to make sure you install the openconnect from the pamac. That should take care of the installation part except it doesn't look like it installs the vpnc-script that needs to be installed.

Also the networkmanager-openconnect will plugin to the network manager so once you get it up and working that will let you connect/disconnect easily from the gui.

Also does your vpn require the use of a certificate to connect?

Well, will need to give it a shot on a VM (too frustrated to do a 10th reinstall of linux on my working laptop)

The openconnect was installed from pacman (not AUR), after which, as a last hope, all "openconnect" related packages from AUR.

This was actually done. But even without this, the latest version of Manjaro, which I've used, already came with a preinstalled network-manager openconnect and similar.

Only the gateway with basic auth.

Ivacy, Express, PIA, NordVPN, Cyberghost. These are few best linux VPNs compatible with Manjaro.

I think Express and NordVpn its best solution for Manjaro and anonymous access. By the way, I found interesting article about VPN https://webguidevpn.com/best-anonymous-vpn/

Forum kindly sponsored by