добрый день. Подскажите пожалуйста куда копать. Имеем сервер с настроенный OpenVPN, сидел на ubunte подключаюсь все нормально, так же подключался с андройда, тоже все ок. Перешел на KDE neon, импортирую VPN соединения из файла, соединяться не хочет.
Логи смотрел в var/log/syslog
Jun 23 19:12:41 z NetworkManager[792]: <info> [1592928761.7206] audit: op="statistics" arg="refresh-rate-ms" pid=1291 uid=1000 result="success"
Jun 23 19:12:41 z plasmashell[1291]: Qt Quick Layouts: Detected recursive rearrange. Aborting after two iterations.
Jun 23 19:12:41 z plasmashell[1291]: message repeated 2 times: [ Qt Quick Layouts: Detected recursive rearrange. Aborting after two iterations.]
Jun 23 19:12:43 z kcmshell5[4172]: Couldn't load plugin "kcms/kcm_networkmanagement" : "Динамическая библиотека не найдена." -- falling back to old-style loading from desktop file
Jun 23 19:12:43 z kcmshell5[4172]: Selecting active connection: "720700d1-4e5e-34da-a612-6ea995b309e3"
Jun 23 19:12:44 z NetworkManager[792]: <info> [1592928764.0287] audit: op="statistics" arg="refresh-rate-ms" pid=1291 uid=1000 result="success"
Jun 23 19:13:32 z kdeinit5[4185]: Qt: Session management error: networkIdsList argument is NULL
Jun 23 19:13:41 z NetworkManager[792]: <info> [1592928821.4246] keyfile: add connection /etc/NetworkManager/system-connections/nedopenvpn (30d06674-959e-4bb6-9536-738b2d0d8626,"nedopenvpn")
Jun 23 19:13:41 z NetworkManager[792]: <info> [1592928821.4257] audit: op="connection-add" uuid="30d06674-959e-4bb6-9536-738b2d0d8626" name="nedopenvpn" pid=4172 uid=1000 result="success"
Jun 23 19:13:41 z kded5[1249]: plasma-nm: virtual void SecretAgent::SaveSecrets(const NMVariantMapMap&, const QDBusObjectPath&)
Jun 23 19:13:41 z kded5[1249]: plasma-nm: Path: "/org/freedesktop/NetworkManager/Settings/4"
Jun 23 19:13:48 z kwin_x11[1253]: qt.qpa.xcb: QXcbConnection: XCB error: 3 (BadWindow), sequence: 58336, resource id: 8388828, major code: 18 (ChangeProperty), minor code: 0
Jun 23 19:13:48 z kwin_x11[1253]: qt.qpa.xcb: QXcbConnection: XCB error: 3 (BadWindow), sequence: 58340, resource id: 35651595, major code: 18 (ChangeProperty), minor code: 0
Jun 23 19:13:49 z NetworkManager[792]: <info> [1592928829.2596] audit: op="statistics" arg="refresh-rate-ms" pid=1291 uid=1000 result="success"
Jun 23 19:13:49 z plasmashell[1291]: Qt Quick Layouts: Detected recursive rearrange. Aborting after two iterations.
Jun 23 19:13:49 z plasmashell[1291]: message repeated 5 times: [ Qt Quick Layouts: Detected recursive rearrange. Aborting after two iterations.]
Jun 23 19:13:50 z plasmashell[1291]: QDBusObjectPath: invalid path ""
Jun 23 19:13:50 z NetworkManager[792]: <info> [1592928830.6553] audit: op="connection-activate" uuid="30d06674-959e-4bb6-9536-738b2d0d8626" name="nedopenvpn" pid=1291 uid=1000 result="success"
Jun 23 19:13:50 z NetworkManager[792]: <info> [1592928830.6610] vpn-connection[0x556cdc59e320,30d06674-959e-4bb6-9536-738b2d0d8626,"nedopenvpn",0]: Started the VPN service, PID 4194
Jun 23 19:13:50 z NetworkManager[792]: <info> [1592928830.6746] vpn-connection[0x556cdc59e320,30d06674-959e-4bb6-9536-738b2d0d8626,"nedopenvpn",0]: Saw the service appear; activating connection
Jun 23 19:13:50 z kded5[1249]: plasma-nm: Unhandled VPN connection state change: 2
Jun 23 19:13:50 z kded5[1249]: plasma-nm: Unhandled VPN connection state change: 3
Jun 23 19:13:50 z NetworkManager[792]: <info> [1592928830.6841] vpn-connection[0x556cdc59e320,30d06674-959e-4bb6-9536-738b2d0d8626,"nedopenvpn",0]: VPN plugin: state changed: starting (3)
Jun 23 19:13:50 z nm-openvpn[4197]: WARNING: file '/home/z/.local/share/networkmanagement/certificates/nedopenvpn/private.key' is group or others accessible
Jun 23 19:13:50 z nm-openvpn[4197]: OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2019
Jun 23 19:13:50 z nm-openvpn[4197]: library versions: OpenSSL 1.1.1 11 Sep 2018, LZO 2.08
Jun 23 19:13:50 z nm-openvpn[4197]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Jun 23 19:13:50 z nm-openvpn[4197]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jun 23 19:13:50 z nm-openvpn[4197]: TCP/UDP: Preserving recently used remote address: [AF_INET]35.204.121.136:1194
Jun 23 19:13:50 z nm-openvpn[4197]: UDP link local: (not bound)
Jun 23 19:13:50 z nm-openvpn[4197]: UDP link remote: [AF_INET]35.204.121.136:1194
Jun 23 19:13:50 z nm-openvpn[4197]: NOTE: chroot will be delayed because of --client, --pull, or --up-delay
Jun 23 19:13:50 z nm-openvpn[4197]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Jun 23 19:13:58 z NetworkManager[792]: <info> [1592928838.8417] audit: op="statistics" arg="refresh-rate-ms" pid=1291 uid=1000 result="success"
Jun 23 19:14:50 z nm-openvpn[4197]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Jun 23 19:14:50 z nm-openvpn[4197]: TLS Error: TLS handshake failed
Jun 23 19:14:50 z nm-openvpn[4197]: SIGUSR1[soft,tls-error] received, process restarting
Jun 23 19:14:51 z NetworkManager[792]: <warn> [1592928891.2592] vpn-connection[0x556cdc59e320,30d06674-959e-4bb6-9536-738b2d0d8626,"nedopenvpn",0]: VPN connection: connect timeout exceeded.
Jun 23 19:14:51 z nm-openvpn-serv[4194]: Connect timer expired, disconnecting.
Jun 23 19:14:51 z nm-openvpn[4197]: SIGTERM[hard,init_instance] received, process exiting
Jun 23 19:14:51 z NetworkManager[792]: <warn> [1592928891.2643] vpn-connection[0x556cdc59e320,30d06674-959e-4bb6-9536-738b2d0d8626,"nedopenvpn",0]: VPN plugin: failed: connect-failed (1)
Jun 23 19:14:51 z NetworkManager[792]: <info> [1592928891.2643] vpn-connection[0x556cdc59e320,30d06674-959e-4bb6-9536-738b2d0d8626,"nedopenvpn",0]: VPN plugin: state changed: stopping (5)
Jun 23 19:14:51 z NetworkManager[792]: <info> [1592928891.2644] vpn-connection[0x556cdc59e320,30d06674-959e-4bb6-9536-738b2d0d8626,"nedopenvpn",0]: VPN plugin: state changed: stopped (6)
Я так понял, что затуп происходит здесь, WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Но что ему конкретно надо ума не приложу.
Настройки vpn
client
proto udp
remote 35.204.121.136 1194
dev tun
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
verify-x509-name server_utUaa10E4DhtOCQo name
auth SHA256
auth-nocache
cipher AES-128-GCM
tls-client
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
setenv opt block-outside-dns # Prevent Windows 10 DNS leak
verb 3
<ca>
