OpenVPN issue on KDE

I’ve set up a openvpn connection in Networkmanager via an .ovpn file.

nmcli connection import type openvpn file /tmp/my.ovpn

I am able to establish the connection, but I have trouble to open most Webpages if VPN is activated.
Some Websites like Google.com, Hetzner,de etc. work, most Websites don’t.

Support (who gave me the ovpn-file) indicates that the reason is incompatibility of os in some way.

If I do connect my vpn, I got this in the log-files:

Here additional as text:

Okt 02 15:22:37 NetworkManager[856]: <info>  [1727875357.1377] audit: op="connection-delete" uuid="5fe92b92-831c-4e8e-8a51-54e7db60b652" name="profile-userlocked-methuselahfound-ssuther" pid=36182 uid=1000 result="success"
Okt 02 15:22:58 NetworkManager[856]: <info>  [1727875378.5503] audit: op="connection-update" uuid="5a68aee3-fb5d-499c-ac3a-c3e6c4bcbac7" name="my VPN" pid=36182 uid=1000 result="success"
Okt 02 15:25:56 NetworkManager[856]: <info>  [1727875556.6809] audit: op="statistics" interface="enp2s0" ifindex=2 args="2000" pid=1198 uid=1000 result="success"
Okt 02 15:29:07 NetworkManager[856]: <info>  [1727875747.8186] audit: op="statistics" interface="enp2s0" ifindex=2 args="2000" pid=1198 uid=1000 result="success"
Okt 02 15:29:09 NetworkManager[856]: <info>  [1727875749.8991] vpn[0x56006eaa0870,5a68aee3-fb5d-499c-ac3a-c3e6c4bcbac7,"my VPN"]: starting openvpn
Okt 02 15:29:09 NetworkManager[856]: <info>  [1727875749.8993] audit: op="connection-activate" uuid="5a68aee3-fb5d-499c-ac3a-c3e6c4bcbac7" name="my VPN" pid=1198 uid=1000 result="success"
Okt 02 15:29:09 nm-openvpn[38079]: DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations.
Okt 02 15:29:09 nm-openvpn[38079]: OpenVPN 2.6.12 [git:makepkg/038a94bae57a446c+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO] built on Jul 18 2024
Okt 02 15:29:09 nm-openvpn[38079]: library versions: OpenSSL 3.3.2 3 Sep 2024, LZO 2.10
Okt 02 15:29:09 nm-openvpn[38079]: DCO version: N/A
Okt 02 15:29:10 nm-openvpn[38079]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Okt 02 15:29:10 nm-openvpn[38079]: TCP/UDP: Preserving recently used remote address: [AF_INET]35.247.74.96:443
Okt 02 15:29:10 nm-openvpn[38079]: Attempting to establish TCP connection with [AF_INET]35.247.74.96:443
Okt 02 15:29:10 nm-openvpn[38079]: TCP connection established with [AF_INET]35.247.74.96:443
Okt 02 15:29:10 nm-openvpn[38079]: TCPv4_CLIENT link local: (not bound)
Okt 02 15:29:10 nm-openvpn[38079]: TCPv4_CLIENT link remote: [AF_INET]35.247.74.96:443
Okt 02 15:29:10 nm-openvpn[38079]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Okt 02 15:29:10 nm-openvpn[38079]: [OpenVPN Server] Peer Connection Initiated with [AF_INET]35.247.74.96:443
Okt 02 15:29:11 nm-openvpn[38079]: AUTH: Received control message: AUTH_FAILED,CRV1:R,E:PG_c0lDbw/0p0jyU4cX:bWV0aHVzZWxhaGZvdW5kLXNzdXRoZXI=:Enter Authenticator Code
Okt 02 15:29:11 nm-openvpn[38079]: SIGUSR1[soft,auth-failure] received, process restarting
Okt 02 15:29:28 nm-openvpn[38079]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Okt 02 15:29:28 nm-openvpn[38079]: TCP/UDP: Preserving recently used remote address: [AF_INET]35.247.74.96:443
Okt 02 15:29:28 nm-openvpn[38079]: Attempting to establish TCP connection with [AF_INET]35.247.74.96:443
Okt 02 15:29:28 nm-openvpn[38079]: TCP connection established with [AF_INET]35.247.74.96:443
Okt 02 15:29:28 nm-openvpn[38079]: TCPv4_CLIENT link local: (not bound)
Okt 02 15:29:28 nm-openvpn[38079]: TCPv4_CLIENT link remote: [AF_INET]35.247.74.96:443
Okt 02 15:29:29 nm-openvpn[38079]: [OpenVPN Server] Peer Connection Initiated with [AF_INET]35.247.74.96:443
Okt 02 15:29:29 nm-openvpn[38079]: Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:4: dhcp-pre-release (2.6.12)
Okt 02 15:29:29 nm-openvpn[38079]: Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:5: dhcp-renew (2.6.12)
Okt 02 15:29:29 nm-openvpn[38079]: Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIOopenvpn3 session-start --config NS]:6: dhcp-release (2.6.12)
Okt 02 15:29:29 nm-openvpn[38079]: WARNING: You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
Okt 02 15:29:29 nm-openvpn[38079]: WARNING: You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
Okt 02 15:29:29 nm-openvpn[38079]: WARNING: You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
Okt 02 15:29:29 nm-openvpn[38079]: TUN/TAP device tun0 opened
Okt 02 15:29:29 nm-openvpn[38079]: /usr/lib/nm-openvpn-service-openvpn-helper --debug 0 38073 --bus-name org.freedesktop.NetworkManager.openvpn.Connection_13 --tun -- tun0 1500 0 172.27.235.237 255.255.240.0 init

I’ve checked /etc/openvpn and this directory just contain two empty directories client & server

In /etc/NetworkManager/system-connections/ I found the config-file of the VPN, but there are no “redirect” nor one of the noted “dhcp-” errors at all in any of those files.

BUT

If I connect via

openvpn3 session-start --config ./myVpn.ovpn

I can access all those webpages without any issue.

Hi @rethus,

Sounds like a routine issue to me and I know @linux-aarhus uses a VPN as well, at least sometimes, so I know it does work. Also, it has nothing to do with KDE. But the best advice I can give is to check if there’s something here that might help:

https://wiki.archlinux.org/title/OpenVPN#Starting_OpenVPN

Thanks for your reply.

I wouldn’t know where to start on this page - even as I don’t have any config in /etc/openvpn at all (like described in my initial post)

Maybe someone else has an Idea what the issue might be here, and how to solve it?

Maybe, because me, sadly

:man_shrugging:

Perhaps you might install openresolv

It’s already installed:
image

I mentioned openresolv because

That caused me to think you didn’t have that installed.

Rather than openresolv …

systemd-resolved with package systemd-resolvconf and probably if using openvpn also openvpn-update-systemd-resolved generally works better.