Hi there,
I’ve been using ThinLinc for around 2 weeks and it’s working great. I’m just using it to access a Linux Mint headless desktop that I use just for work.
When I create a new OpenVPN connection by on my other machines by importing a .ovpn file using the Network Manager GUI it works just fine. However, if I try to do the same when connected to the remote machine I get the message:
System policy prevents control of network settings for all users
Entering my local user password allows the connection to be created. When using the connection I get the same prompt but when I enter my password I completely lose control of the system. I can exit out of the connection by hitting F8. the re-connecting fails.
The remote box is a Proxmox VM with a GPU passed through. VirtualGL is working fine. When accessing the remote using a SPICE display I don’t get this problem.
Are you trying to establish the VPN connection from within the remote session?
We’ve had reports of this causing problems in the past. VPN clients can alter the network configuration and cause issues with ThinLinc. SPICE connects on a different layer and may not exhibit the same behaviour.
Wild guess - but you could try setting the agent_hostname parameter to something which always resolves correctly for the connecting client. You’ll find this parameter in /opt/thinlinc/etc/conf.d/vsmagent.hconf, and make sure you restart the vsmagent service afterwards.
I set agent_hostname to the name of the desktop I’m connecting to and put it in the hcsts file of the client hosts file. The VPN connection gets established but I’m unable to connect to any of its resources. When I disconnected for the VPN the thinlinc session times out and I’m unable to connect. Nor can I ping its hostname nor address.
Hi, just to clarify - are you trying to establish the VPN connection from your local (client) machine? Or from within a ThinLinc session on the server?
VPN clients tend to manipulate network configuration and routing tables in different ways, and I guess this is affecting ThinLinc’s ability to maintain a connection somehow. So I don’t think there’s anything which can be done within ThinLinc to fix it.
If the VPN is a requirement, you may need to look at setting up separate network interfaces on your server, one for ThinLinc and one for the VPN. Then hopefully they won’t interfere with each other.
