diff --git a/NetworkManager-openvpn-0.7.0-cipher.patch b/NetworkManager-openvpn-0.7.0-cipher.patch
new file mode 100644
index 0000000..41e8192
--- /dev/null
+++ b/NetworkManager-openvpn-0.7.0-cipher.patch
@@ -0,0 +1,14 @@
+diff -Naur NetworkManager-openvpn-0.7.0/properties/auth-helpers.c NetworkManager-openvpn-0.7.0.cipher/properties/auth-helpers.c
+--- NetworkManager-openvpn-0.7.0/properties/auth-helpers.c	2008-12-12 01:22:57.000000000 +0530
++++ NetworkManager-openvpn-0.7.0.cipher/properties/auth-helpers.c	2009-10-09 14:32:52.000000000 +0530
+@@ -1059,7 +1059,9 @@
+ 		g_hash_table_insert (hash, g_strdup (NM_OPENVPN_KEY_TAP_DEV), g_strdup ("yes"));
+ 
+ 	contype = g_object_get_data (G_OBJECT (dialog), "connection-type");
+-	if (!strcmp (contype, NM_OPENVPN_CONTYPE_TLS) || !strcmp (contype, NM_OPENVPN_CONTYPE_PASSWORD_TLS)) {
++        if (   !strcmp (contype, NM_OPENVPN_CONTYPE_TLS)
++            || !strcmp (contype, NM_OPENVPN_CONTYPE_PASSWORD_TLS)
++            || !strcmp (contype, NM_OPENVPN_CONTYPE_PASSWORD)) {
+ 		GtkTreeModel *model;
+ 		GtkTreeIter iter;
+ 
diff --git a/NetworkManager-openvpn-0.7.0-route.patch b/NetworkManager-openvpn-0.7.0-route.patch
new file mode 100644
index 0000000..28d6500
--- /dev/null
+++ b/NetworkManager-openvpn-0.7.0-route.patch
@@ -0,0 +1,85 @@
+diff -Naur NetworkManager-openvpn-0.7.0/src/nm-openvpn-service-openvpn-helper.c NetworkManager-openvpn-0.7.0.route/src/nm-openvpn-service-openvpn-helper.c
+--- NetworkManager-openvpn-0.7.0/src/nm-openvpn-service-openvpn-helper.c	2008-12-12 01:22:57.000000000 +0530
++++ NetworkManager-openvpn-0.7.0.route/src/nm-openvpn-service-openvpn-helper.c	2009-10-09 12:59:38.000000000 +0530
+@@ -287,6 +287,7 @@
+ 	GValue *nbns_list = NULL;
+ 	GValue *dns_domain = NULL;
+ 	struct in_addr temp_addr;
++	gboolean tapdev = FALSE;
+ 
+ 	g_type_init ();
+ 
+@@ -310,13 +311,17 @@
+ 	if (val)
+ 		g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_INT_GATEWAY, val);
+ 
+-	/* Tunnel device */
+-	val = str_to_gvalue (getenv ("dev"), FALSE);
++	/* VPN device */
++	tmp = getenv ("dev");
++	val = str_to_gvalue (tmp, FALSE);
+ 	if (val)
+ 		g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_TUNDEV, val);
+ 	else
+ 		helper_failed (connection, "Tunnel Device");
+ 
++	if (strncmp (tmp, "tap", 3) == 0)
++		tapdev = TRUE;
++
+ 	/* IP address */
+ 	val = addr_to_gvalue (getenv ("ifconfig_local"));
+ 	if (val)
+@@ -326,20 +331,45 @@
+ 
+ 	/* PTP address; for vpnc PTP address == internal IP4 address */
+ 	val = addr_to_gvalue (getenv ("ifconfig_remote"));
+-	if (val)
+-		g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_PTP, val);
++	if (val) {
++		/* Sigh.  Openvpn added 'topology' stuff in 2.1 that changes the meaning
++		 * of the ifconfig bits without actually telling you what they are
++		 * supposed to mean; basically relying on specific 'ifconfig' behavior.
++		 */
++		tmp = getenv ("ifconfig_remote");
++		if (tmp && !strncmp (tmp, "255.", 4)) {
++			guint32 addr;
++
++			/* probably a netmask, not a PTP address; topology == subnet */
++			addr = g_value_get_uint (val);
++			g_value_set_uint (val, nm_utils_ip4_netmask_to_prefix (addr));
++			g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_PREFIX, val);
++		} else
++			g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_PTP, val);
++	}
+ 
+-	/* Netmask */
+-	tmp = getenv ("route_netmask_1");
++	/* Netmask
++	 *
++	 * Either TAP or TUN modes can have an arbitrary netmask in newer versions
++	 * of openvpn, while in older versions only TAP mode would.  So accept a
++	 * netmask if passed, otherwise default to /32 for TUN devices since they
++	 * are usually point-to-point.
++	 */
++	tmp = getenv ("ifconfig_netmask");
+ 	if (tmp && inet_pton (AF_INET, tmp, &temp_addr) > 0) {
+-		GValue *val;
+-
+ 		val = g_slice_new0 (GValue);
+ 		g_value_init (val, G_TYPE_UINT);
+ 		g_value_set_uint (val, nm_utils_ip4_netmask_to_prefix (temp_addr.s_addr));
+-
+ 		g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_PREFIX, val);
+-	}
++	} else if (!tapdev) {
++		if (!g_hash_table_lookup (config, NM_VPN_PLUGIN_IP4_CONFIG_PREFIX)) {
++			val = g_slice_new0 (GValue);
++			g_value_init (val, G_TYPE_UINT);
++			g_value_set_uint (val, 32);
++			g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_PREFIX, val);
++		}
++	} else
++		nm_warning ("No IP4 netmask/prefix (missing or invalid 'ifconfig_netmask')");
+ 
+ 	val = get_routes ();
+ 	if (val)
diff --git a/NetworkManager-openvpn.spec b/NetworkManager-openvpn.spec
index 3b340d0..bf51b36 100644
--- a/NetworkManager-openvpn.spec
+++ b/NetworkManager-openvpn.spec
@@ -22,6 +22,8 @@ Group: System Environment/Base
 # - use generated NetworkManager-openvpn-0.7.0.tar.gz
 Source: %{name}-%{version}.%{svn_snapshot}.tar.gz
 Patch0: NetworkManager-openvpn-0.7.0-keyring.patch
+Patch1: NetworkManager-openvpn-0.7.0-route.patch
+Patch2: NetworkManager-openvpn-0.7.0-cipher.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-root
 BuildRequires: gtk2-devel                 >= %{gtk2_version}
@@ -55,7 +57,8 @@ with NetworkManager and the GNOME desktop.
 %prep
 %setup -q -n %{name}-%{version}
 %patch0 -p1 -b .keyring
-
+%patch1 -p1 -b .route
+%patch2 -p1 -b .cipher
 
 %build
 if [ ! -f configure ]; then
@@ -107,6 +110,10 @@ fi
 %dir %{_datadir}/gnome-vpn-properties/openvpn
 
 %changelog
+* Mon Oct 12 2009 Huzaifa Sidhpurwala <huzaifas@redhat.com> 1:0.7.0-18.svn11.2
+- Fix Routing issues with EL-5 build (rh #525646)
+- Fix issue where cipher type is not stored in gconf
+
 * Sat Feb  7 2009 Lubomir Rintel <lkundrak@v3.sk> 1:0.7.0-18.svn11.1
 - Adjust for RHEL 5.3, older and less capable keyring manager