You can modify the gateway for network manager connections from the command line. So while I cannot find this option in the GUI, you can list the connections
nmcli con show
find yours
NAME UUID TYPE DEVICE
thenameyougaveit some-id-ksadbf019-aksb821 vpn wlan1
change the address (it will be discarded afaict but you cannot change the gateway address without setting it)
nmcli con mod some-id-ksadbf019-aksb821 ipv4.addresses 192.168.1.113/24
and then set the desired ip4 gateway
nmcli con mod some-id-ksadbf019-aksb821 ipv4.gateway 192.168.1.1
And now it works from the GUI. Of course, if anything changes on the other end, it will stop working.
I have found a "solution" (and I use this term very loosely here) based on this post: Network Manager does not set IP4.GATEWAY for OpenVPN connection - although I'm convinced this is a bug with the network-manager-openvpn
module.
The problem occurs because no gateway is set for the OpenVPN tunnel:
[van@d2:~]$ nmcli device show tun0
GENERAL.DEVICE: tun0
GENERAL.TYPE: tun
GENERAL.HWADDR: (unknown)
GENERAL.MTU: 1500
GENERAL.STATE: 100 (connected)
GENERAL.CONNECTION: tun0
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/15
IP4.ADDRESS[1]: 10.9.0.4/24
IP4.ADDRESS[2]: 192.168.0.7/32
IP4.GATEWAY: --
IP6.ADDRESS[1]: fe80::cd28:e3cf:f9e6:1417/64
IP6.GATEWAY --
The default gateway can be obtained using:
[van@d2:~]$ ip route
default via 192.168.0.1 dev wlp3s0 proto static metric 600
...
Now use nmcli con show
to obtain the UUID of the OpenVPN tunnel (tun0 in my case):
[van@d2:~]$ nmcli con show
NAME UUID TYPE DEVICE
VAN-200-5GHz <SOME-UUID>-9c79da9597a1 802-11-wireless wlp3s0
van <SOME-UUID>-484ee303d901 vpn wlp3s0
tun0 <SOME-UUID>-2a1a14674e78 tun tun0
Wired connection 1 <SOME-UUID>-d3935bcf886b 802-3-ethernet --
Once you have the UUID, set the gateway using:
nmcli con mod <SOME-UUID>-b717eca7a5a0 ipv4.gateway 192.168.0.1
Now check to make sure you're using the VPN Server's IP address:
dig @resolver1.opendns.com myip.opendns.com +short
<YOUR-VPN-SERVER-IP>
One of the side effects of using this method is you'll end up with a "zombie" connection every time you add a tun0 gateway (and these will persist across reboots):
[van@d2:~]$ nmcli con show
NAME UUID TYPE DEVICE
VAN-200-5GHz <SOME-UUID>-9c79da9597a1 802-11-wireless wlp3s0
Wired connection 1 <SOME-UUID>-d3935bcf886b 802-3-ethernet --
van <SOME-UUID>-484ee303d901 vpn --
tun0 <SOME-UUID>-c4381868f3f3 tun --
tun0 <SOME-UUID>-157870b81351 tun --
tun0 <SOME-UUID>-a1bc29fb7bef tun --
You can remove these using:
[van@d2:~]$ nmcli con del tun0
Connection 'tun0' (<SOME-UUID>-157870b81351) successfully deleted.
Connection 'tun0' (<SOME-UUID>-c4381868f3f3) successfully deleted.
Connection 'tun0' (<SOME-UUID>-a1bc29fb7bef) successfully deleted.
Considering how complicated it is working around these issues just to be able to connect to OpenVPN using the Network Manager, you're probably going to be far better off just connecting via the terminal (assuming you have a valid OpenVPN config file).
I'm not sure how to report bugs of this nature, so if anyone knows, please chime in.
Best Answer
I'm not really that this is a bug really. Considering that it works for a majority of users Using openVPN and network manager.
Do you have the proper permissions of the key and certificate file? What happens if you run
as root from the terminal? please paste the output here if it does not work. It should provide more debug information.
If it does work like that. Then you have permission problems on your key and or certificate file.