I recently installed fedora on my main machine. I’m a first time Linux user.
I’m trying to connect to an OpenVPN server I have running somewhere. I tried doing this by going to settings > Network > VPN “+” > Import from file. After selecting the .ovpn file I fill in the User name and Password. I then “add” and try to connect. This does not work. After 30-60 seconds I get a notification saying “connection failed, activation of network connection failed”.
Through similar steps I got all this working on windows previously, which I used for a long time.
It works for me out of the box on Fedora 34 when importing VPN profile by a non-root user.
A reboot was never required, and fixing SELinux labels appears to be no longer required.
It should be some other problem, so you’d best collect and analyze the VPN connection log.
That is really cool! Helps diagnosing the problem a lot!
What the problem seems to be is this:
TLS error: Unsupported protocol. This typically indicates that client and server have no common TLS version enabled. This can be caused by mismatched tls-version-min and tls-version-max options on client and server. If your OpenVPN client is between v2.3.6 and v2.3.2 try adding tls-version-min 1.0 to the client configuration to use TLS 1.0+ instead of TLS 1.0 only
I now have a general understanding of what TLS is. What instantly fixed the problem is setting TLS min version to 1.0. Wikipedia tells me 1.0 and 1.1 are deemed insecure now. I wonder if using TLS 1.0 is dumb.
Note that if I set TLS min version to 1.1, the connection does not work.
Hence I now can get my vpn working again, but ended up with a new question: is using TLS 1.0 secure, when connecting to an OpenVPN server?
I will also make sure to edit my original post to summarize what went wrong and what helped me diagnose the problem. Again many thanks to @vgaetera for seriously pushing me into the right direction.