Network-manager, simply, sucks. But sometimes you have little choice but to use it.
Unfortunately, despite a bug being sat idle for some time, Network-manager-openvpn doesn't support various OpenVPN client options such as max-routes. Unfortunately, if your OpenVPN server is pushing more than 100 routes, this is sufficient to prevent you from connecting at all.
This documentation details a way to work around that limitation. It's dirty and hacky, but so far, is the only solution I've found
Basically, we're going to move OpenVPN out of the way and replace it with a shell script that'll take the command it's given, and set max-routes (or any other custom option) appropriately.
First, we need to relocate openvpn, so
sudo cd /usr/sbin mv openvpn openvpn.real touch openvpn chmod +x openvpn
Then open openvpn in your text editor of choice, and enter the following
#!/bin/bash # # oldopts=$@ t=`getopt -o r: --long remote: -- $@ 2> /dev/null` set -- $t while [ $# -gt 0 ] do case $1 in --remote) remote=`echo "$2" | sed "s/'//g"`; break;; (-*) continue;; esac done newopts=$(egrep -e "^$remote" ~/.vpn_additional_opts | cut -d\| -f2) trap 'kill $PID 2> /dev/null || true' TERM INT HUP /usr/sbin/openvpn.real $newopts $oldopts & PID=$! wait $PID
Now we just need to create a small config file in our home directory. The key for the file is the hostname/ip provided to NetworkManager (in this case, foo.example.com). So, as your user
echo "foo.example.com|--max-routes 200" > ~/.vpn_additional_opts
Everything after the | will be passed to openvpn, so if there are any other arguments you need that are not supported by network manager you can also add them there.
The new script will likely be overwritten when you next update openvpn, so post-upgrade there are a couple of steps you need to follow
sudo cd /usr/sbin mv openvpn openvpn.real cp ~/path/to/backup/openvpn ./ chmod +x openvpn