I can't get this to work. I get the same error as in this comment. I have enabled/started the awsvpnclient
unit. I get pretty far in the process (browser window opens and I'm told to close it -- we're using SAML), but then the connection fails:
2024-04-19 12:00:17.387 -04:00 [DBG] [TI=58] [PID: 19637] Fri Apr 19 12:00:17 2024 WARNING: Failed running command (--up/--down): external program exited with error status: 1
2024-04-19 12:00:17.387 -04:00 [DBG] [TI=58] [PID: 19637] Fri Apr 19 12:00:17 2024 Exiting due to fatal error
2024-04-19 12:00:17.417 -04:00 [DBG] /bin/ps exit code: 0
2024-04-19 12:00:18.403 -04:00 [DBG] /bin/ps exit code: 1
2024-04-19 12:00:18.403 -04:00 [ERR] [TI=53] Failed to get process owner of PID: 19637. Stdout: , stderr:
2024-04-19 12:00:18.403 -04:00 [WRN] [TI=53] Exception occured checking process alive: System.Exception: Failed to get process owner of PID: 19637
at ACVC.GTK.Service.DBus.OvpnGtkService.GetProcessOwner(Int32 pid) in /home/ubuntu/Jenkins/workspace/GtkBuild/SecureConnectClient/ACVC.GTK.Service/DBus/OvpnGtkService.cs:line 345
at ACVC.GTK.Service.DBus.OvpnGtkService.IsAliveAsync(Int32 pid) in /home/ubuntu/Jenkins/workspace/GtkBuild/SecureConnectClient/ACVC.GTK.Service/DBus/OvpnGtkService.cs:line 254
2024-04-19 12:00:18.404 -04:00 [DBG] [TI=53] Wait for OpenVPN processes to finish graceful shutdown
2024-04-19 12:00:18.409 -04:00 [DBG] [TI=53] All OpenVPN processes exited properly
2024-04-19 12:00:18.409 -04:00 [DBG] [TI=53] Finished waiting OpenVPN graceful shutdown. Proceed with killing any orphaned OpenVPN processes
2024-04-19 12:00:18.513 -04:00 [DBG] Orphaned process are alive: False
2024-04-19 12:00:18.513 -04:00 [DBG] [TI=53] Attempting to restore /etc/resolv.conf if /etc/resolv.conf.ovpnsave exists
2024-04-19 12:00:18.513 -04:00 [DBG] [TI=53] /etc/resolv.conf.ovpnsave not found
Anyone have any thoughts?
Pinned Comments
project0 commented on 2021-06-28 15:58 (UTC) (edited on 2024-02-12 11:07 (UTC) by project0)
Please note the following requirements for AWS VPN Client:
If you depend on DNS servers from VPN you need to have a running systemd-resolved.service. Please ensure it does not conflict with any other DNS resolver service or configuration you may use.
sudo systemctl --now enable systemd-resolved.service
You have to enable and start the awsvpnclient.service after installation:
sudo systemctl --now enable awsvpnclient
For troubelshooting its worth checking first the logs:
See also the official docs: https://docs.aws.amazon.com/vpn/latest/clientvpn-user/client-vpn-connect-linux.html
If you face any other problem please check the troubleshooting guide (DNS issues): https://docs.aws.amazon.com/vpn/latest/clientvpn-user/linux-troubleshooting.html#aws-provided-client