ip4 static routes added in NetworkManager UI fail and prevent connection

Status changed to 'Confirmed' because the bug affects multiple users.

You may set 0.0.0.0 to gateway and work good.

The workaround suggested by Ikuya Awashiro (setting the gateway for the route to 0.0.0.0) does not work for me. The problem persits even after applying this workaround. The VPN connection is only established when all static routes are deleted from the configuration.

For me it works when I enter no Gateway

Message is:
Mar 28 10:40:18 jno-ThinkPad-W500 NetworkManager[899]: <error> [1490686817.9316] platform-linux: do-add-ip4-route[11: 172.17.0.0/16 50]: failure 101 (Сеть недоступна)

I have exactly the same. can't access my University's vpn on my new laptop running 10.04. vpn works without any issue on another laptop running 14.04.

I am wondering if I can rollback vpnc and the necessary packages back to 14.04? need to use vpn to connect to work computers.

using the above workaround (leave Gateway blank), I get the following error when trying to connect via vpn:

ERROR: getaddrinfo: Temporary failure in name resolution

I think that putting 0.0.0.0 works for someone (like me) because, when using this route, a broadcast is sent, both to the original interface and tun0.

I also have this issue. My PPTP connection was working fine and then I probably added some routes. And now I can't connect. Attach output from 'journalctl -u NetworkManager.service' command.

Same issue still on 18.04 bionic

Setting gateway in route to 0.0.0.0 helped in my case also, many thanks to apetrelli (antonio-petrelli).

I'm not sure if this is actually the same bug, but I fixed an issue with the same symptoms, documenting here for the sake of those who come after me:

The NetworkManager tool asks you to input a subnet mask in "dotted-quad" format, however, if you look at the config file created for the connection in /etc/NetworkManager/system-connections, you see that it converts it to /CIDR notation.

However, I had input some routes which didn't actually properly map to a CIDR network specification, which was causing the ip-route add command to fail with an "RTNETLINK answers: Invalid argument" error message.

Correcting or removing these routes fixed my issue.

Michael Gale, your issue is different to the OP's one. The routes the OP has entered are all CIDR notable, he even uses CIDR when entering them via command line.

So please report a new bug, showing which routes you have entered and how they end up in /etc/NetworkManager/system-connections.

In addition, you could report a bug upstream, suggesting to let the rutes be saved in /etc/NetworkManager/system-connections in dotted-quad notation if they cannot be represented in CIDR notation.

Could anyone who still has this problem supply a list of the routes he has entered and how he has entered them and also attach the /etc/NetworkManager/system-connections file to this bug report? Thanks.

[Expired for network-manager (Ubuntu) because there has been no activity for 60 days.]

I would like to revive this bug report.

I will describe the problem in detail.

I run an ovpn script from the command line and everything goes well.

The ovpn file:

client
dev tun
remote nl.vpn.******.org 443
resolv-retry infinite
nobind
persist-key
persist-tun
auth-nocache
mute-replay-warnings
route 10.0.1.0 255.255.255.0 10.0.2.136
route 10.0.0.0 255.255.255.0 10.0.2.136
route-delay 5
verb 3
explicit-exit-notify 5
remote-cert-tls server
cipher AES-256-CBC
comp-lzo no
proto udp
key-direction 1

I left out certivicates because they are here irrelevant.

The route table before the execution of openvpn is:

Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.0.2.136 0.0.0.0 UG 100 0 0 enp3s0
10.0.2.0 0.0.0.0 255.255.255.0 U 100 0 0 enp3s0

10.0.2.136 is my home router.

After the execution of sudo openvpn <ovpn file> the route table is:

Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.17.76.1 128.0.0.0 UG 0 0 0 tun0
0.0.0.0 10.0.2.136 0.0.0.0 UG 100 0 0 enp3s0
10.0.0.0 10.0.2.136 255.255.255.0 UG 0 0 0 enp3s0
10.0.1.0 10.0.2.136 255.255.255.0 UG 0 0 0 enp3s0
10.0.2.0 0.0.0.0 255.255.255.0 U 100 0 0 enp3s0
10.17.76.0 0.0.0.0 255.255.255.0 U 0 0 0 tun0
128.0.0.0 10.17.76.1 128.0.0.0 UG 0 0 0 tun0
213.152.162.73 10.0.2.136 255.255.255.255 UGH 0 0 0 enp3s0

This looks a bit complicated to me but it is working. Note the two lines for the networks 10.0.1.0/24 and 10.0.0.0/24.
They are needed to divert traffic for those networks to my home router 10.0.2.136.
Traffic for my home network 10.0.2.0/24 stays in the home network.
All other traffic goes to the tun0 device (the vpn provider).

In the Network Manager I imported the ovpn file and the resulting network manager file /etc/NetworkManager/system-connections/vpnnl file is:

id=provider_UDP-443
uuid=88baf716****
type=vpn
autoconnect=false
permissions=

[vpn]
cert-pass-flags=0
cipher=AES-256-CBC
comp-lzo=no-by-default
connection-type=tls
dev=tun
key=***.pem
remote=nl.vpn.provider.org:443
remote-cert-tls=server
ta-dir=1
service-type=org.freedesktop.NetworkManager.openvpn

[ipv4]
dns-search=
method=auto
route1=10.0.1.0/24,10.0.2.136
route2=10.0.0.0/24,10.0.2.136

[ipv6]
addr-gen-mode=stable-privacy
dns-search=
ip6-privacy=0
method=auto

I left out some statements concerning security and privacy. Note the two route statements.
When I make the vpn connection with this connections file I get the error message:
connection failed because VPN service returned invalid configuration.

When I remove the two route statements in the network-manager/ edit connections section the connection is properly made but ofcourse without the two route statements in the route table:

Destination Gat...