Page 1 of 4 123 ... LastLast
Results 1 to 10 of 32

Thread: Ubuntu 9.10 - the vpn connection 'xxx' failed because there were no valid vpn secrets

  1. #1
    Join Date
    Nov 2007
    Beans
    5

    Ubuntu 9.10 - the vpn connection 'xxx' failed because there were no valid vpn secrets

    How is it that the bug in networkmanager/pptp-plugin that causes this error message - "the vpn connection 'xxxxxx' failed because there were no valid vpn secrets" - is STILL NOT FIXED? This has been a known issue with gnome since the the Ubuntu 8.10 alpha. We have now gone 3 full releases where this is broken.

    I have tried both x86 and x64 installs of Ubuntu 9.10, with a number of purported "fixes" or workarounds for this issue, with no success. I use my Ubuntu-installed laptop as my main business work tool. I HAVE to have PPTP and VPNC connectivity to connect to client sites. Which is why I'm still stuck on 8.04.

    While I know my way around the linux cli, I don't have the inclination to waste time on the cli when there's a GUI interface that should, and used to, do the job.

    Will this critical networking component STILL BE BROKEN when the 10.4 LTS release rolls around?

  2. #2
    Join Date
    Nov 2009
    Beans
    1

    Re: Ubuntu 9.10 - the vpn connection 'xxx' failed because there were no valid vpn sec

    I too had this issue in 9.10 and a restart fixed it.

  3. #3
    Join Date
    Nov 2007
    Beans
    5

    Re: Ubuntu 9.10 - the vpn connection 'xxx' failed because there were no valid vpn sec

    I had restarted the pc on all the test setups I had ran with no luck. Your response got me to reset my frustration level and try again.

    I went back and tried working the whole process over again. I have managed to get PPTP, VPNC, and OpenConnect working on x86. PPTP and VPNC work on x64 as well. I am still working on OpenConnect connectivity on x64.

    The biggest issues were:
    1. The remaining bug between NetworkManager and Gnome Keyring when you attempt to save passwords
    2. translating PPTP settings in Ubuntu 8.04 to 9.10

    My apologies to the Gnome and Ubuntu development teams for my rant. This issue has been a HUGE point of frustration for me with 8.10 and 9.04.

    If anyone wants me to post my setup steps or various VPN client configurations, please post your requests and I will do my best to respond.

  4. #4
    Join Date
    Oct 2008
    Beans
    6

    Re: Ubuntu 9.10 - the vpn connection 'xxx' failed because there were no valid vpn sec

    I am trying to get this working as well... please post up the steps of x86 on pptp

    Thanks

  5. #5
    Join Date
    Jul 2009
    Location
    London
    Beans
    20
    Distro
    Ubuntu 9.04 Jaunty Jackalope

    Re: Ubuntu 9.10 - the vpn connection 'xxx' failed because there were no valid vpn sec

    Quote Originally Posted by sweisler View Post
    I had restarted the pc on all the test setups I had ran with no luck. Your response got me to reset my frustration level and try again.

    If anyone wants me to post my setup steps or various VPN client configurations, please post your requests and I will do my best to respond.
    Potentially resetting frustration level here

    Your notes (VPNC) would be appreciated especially as you have grasped that the fastest way to loose newbies is streams of CLI. WE HATE IT.
    Yea, I know it's powerful. So is a an a steam train and they belong to history as well.

    Sorry, missed the ranty reset.

  6. #6
    Join Date
    Nov 2007
    Beans
    5

    Re: Ubuntu 9.10 - the vpn connection 'xxx' failed because there were no valid vpn sec

    Here's a synopsis of my VPN setups. I have proven this to work on both x86 and x64 for all 3 VPN types.

    Important note/disclaimer: I tested these configurations on VMware Workstation 7 VM's and a Dell Vostro 220. All installations were fresh installs, not upgrades. Also, please notice that I detail what type of firewall/VPN I am connecting to for each VPN type. There are so many variations on these VPN implementations that it is extremely difficult to generalize a known-good configuration for each.

    1. Install various VPN components
    a. PPTP
    • pptp-linux
    • network-manager-pptp
    b. VPNC
    • vpnc
    • network-manager-vpnc
    c. OpenConnect
    • openconnect
    • network-manager-openconnect

    2. Reboot

    3. PPTP VPN Configuration - This setup works for connecting to ISA 2004/2006 PPTP VPNs. It should work for connecting to MS PPTP VPN implementations in general. I can't speak for other PPTP VPN implementations.

    a. Create new PPTP connection
    • VPN Tab Settings
    • Set Connection name
    • Set Gateway
    • Set username (for domain-based user accounts, use domain\username)
    • DO NOT SET PASSWORD
    • DO NOT SET NT DOMAIN
    • PPTP Advanced Options (Advanced button)
    • uncheck all auth methods EXCEPT MSCHAPv2
    • check "Use Point-to-Point encryption (MPPE)"
      • leave Security set at "All Available (Default)"
      • trying to force encryption level causes this option to become unset
    • check "Allow stateful inspection"
    • uncheck "Allow BSD Data Compression"
    • uncheck "Allow Deflate Data Compression"
    • uncheck "Use TCP Header Compression"
    • uncheck "Send PPP Echo Packets" (although connection works either checked or unchecked)
    • save configuration

    b. Initial Connection attempt
    • enter password in login box
    • DO NOT check either password save box at this time
    • once connection establishes, verify remote connectivity - ping, rdp, ssh, etc.
    • disconnect VPN session

    c. 2nd connection attempt
    • enter password in login box
    • check both password save option boxes
    • once again verify remote connectivity
    • disconnect VPN session

    d. Subsequent connection attempts
    • VPN session should automatically connect using saved auth credentials
    4. VPNC VPN Configuration - This setup works connecting to an ASA5510 - software version 8.2(1). I didn't have any other Cisco devices to test against.

    a. Create new VPNC connection
    • set connection name
    • set Gateway
    • set Group Name
    • set User Password to "Saved" and enter password
    • set Group Password to "Saved" and enter password
    • set username
    • set domain (if applicable)
    • leave Encryption Method at "Secure (Default)"
    • set NAT traversal to "NAT-T"
    • save configuration

    b. Initial Connection attempt
    • open VPNC connection
    • if prompted, select "Always Allow" if you want connection to be automatic
    • verify remote connectivity - ping, rdp, ssh, etc.
    • disconnect VPN session
    c. Subsequent connection attempts
    • open VPNC connection - session should automatically connect

    5. OpenConnect VPN Configuration - This setup works connecting to an ASA5510 - software version 8.2(1). I didn't have any other Cisco devices to test against.

    a. Create new OpenConnect connection
    • set connection name
    • set Gateway
    • set Authentication type to "Password/SecurID"
    • no need to set username, OpenConnect won't store it yet
    • save configuration

    b. Initial connection attempt
    • open VPN connection
    • check "Automatically start connecting next time"
    • click Close
    • you will get the "No Valid VPN Secrets" VPN failure message

    c. 2nd connection attempt
    • open VPN connection
    • accept certificate (if prompted)
    • change Group (if necessary)
    • enter username (may need to be domain\username)
    • enter password
    • click Login
    • if VPN connection fails, see note below
    • verify remote connectivity - ping, rdp, ssh, etc.
    • disconnect session

    d. Subsequent connection attempts
    • open VPN connection
    • enter password
    • session should connect

    Note: If you get the "Login Failed" message, cancel and wait 15-30 minutes before attempting to connect again. Also, I ended up having to use the NT style domain\username pair for authentication, even though a Cisco AnyConnect client connecting to the same ASA only requires username.

    More Detail: OpenConnect has been brutal to get connected. I got failed attempt after failed attempt. When I checked the NPS (IAS) log and the Security Event log on the W2K8 domain controller, I could see my user account authenticating properly via RADIUS from the ASA. Yet the OpenConnect client came back with a "Login Failed" message. I'm not an ASA expert, so I have no idea what to check in the ASA configuration to troubleshoot this problem, other than the basic AAA configuration. But I believe the problem lies in the ASA configuration because when I get the OpenConnect "Login Failed" message, the AnyConnect client from my Windows laptop fails as well. I think it may be a ridiculously short timeout or max failure setting. Whatever the issue is, I have to wait for some length of time (~15-30 minutes) for whatever the problem is to reset.

    However, once I finally get the OpenConnect client to successfully connect, it worked from then on. (Just don't mess with the connection configuration, or you will get to go thru this whole process again.)

    -----------------------------

    P.S. Please leave me feedback for what worked and didn't work for you. Also, if you can, please post a short description documenting what firewall/VPN device you were connecting to and any modifications you may have made to the VPN connection configuration. Maybe we can make this a thread for known-good configurations.

    Thanks.
    Last edited by sweisler; November 7th, 2009 at 04:20 AM.

  7. #7
    Join Date
    Oct 2007
    Location
    La Serena, Chile
    Beans
    8
    Distro
    Xubuntu 9.10 Karmic Koala

    Re: Ubuntu 9.10 - the vpn connection 'xxx' failed because there were no valid vpn sec

    I'm using Xubuntu 9.10 installed yesterday.

    I followed your steps (pptp) (except introducing the user and pass which i did it) and it didn't work in the first time. I restarted the network manager with

    sudo /etc/init.d/network-manager restart

    And it asked me for my pass (weird because is already there), it also asked me if I wanted to save the pass to the keyring, but I denied everything. Finally it worked. Are you still having troubles?

  8. #8
    Join Date
    Nov 2007
    Beans
    5

    Re: Ubuntu 9.10 - the vpn connection 'xxx' failed because there were no valid vpn sec

    No issues with VPN connectivity to this point. Once properly configured, the various VPN types perform as expected. The biggest issues surrounded discovering the correct options for each VPN type and getting the OpenConnect client to successfully connect the first time.

  9. #9
    Join Date
    May 2008
    Location
    St. Louis, MO
    Beans
    92
    Distro
    Ubuntu 9.04 Jaunty Jackalope

    Re: Ubuntu 9.10 - the vpn connection 'xxx' failed because there were no valid vpn sec

    I have followed this guide and i am not able to get it working. i am using a wrt150n with ddwrt-vpn on it. my iphone connects properly (as does my girlfriends mac) I dont have a windows computer to test with at the moment.

  10. #10
    Join Date
    Nov 2007
    Beans
    5

    Re: Ubuntu 9.10 - the vpn connection 'xxx' failed because there were no valid vpn sec

    It appears from reading the DD-WRT wiki that <shudder> CHAP is the authentication method used by DD-WRT. You will need to go into the PPTP Advanced Options and select CHAP in the authentication methods list.

Page 1 of 4 123 ... LastLast

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •