Fail to update DNS settings
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
network-manager-fortisslvpn (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
When connecting using Network-manager to a FortiSSL VPN, the DNS settings are not updated.
This was working fine on previous Ubuntu release (same VPN account and gateway). Now I can see in logs the VPN correctly bring up and get nameserver settings :
Jun 25 09:39:11 LH25450 systemd-
Jun 25 09:39:11 LH25450 NetworkManager[
Jun 25 09:39:11 LH25450 NetworkManager[
...
Jun 25 09:39:14 LH25450 systemd[1]: Starting Network Manager Script Dispatcher Service...
Jun 25 09:39:14 LH25450 NetworkManager[
Jun 25 09:39:14 LH25450 NetworkManager[
But when looking for interface state using the nmcli, ppp0 is displayed as down :
root@LH25450:~# nmcli device status
DEVICE TYPE STATE CONNECTION
enp0s31f6 ethernet connected Connexion filaire 1
docker0 bridge connected docker0
ppp0 ppp disconnected --
wlp0s20f3 wifi unavailable --
lo loopback unmanaged --
And if I try to resolv an internal hostname, it fails :
bmordac@LH25450:~$ dig wpad.internal-
; <<>> DiG 9.16.1-Ubuntu <<>> wpad.internal-
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28205
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;wpad.internal-
;; Query time: 52 msec
;; SERVER: 127.0.0.
;; WHEN: Thu Jun 25 09:50:25 CEST 2020
;; MSG SIZE rcvd: 58
If I force dig to use NS received by the FortiGate, it works :
bmordac@LH25450:~$ dig @10.242.135.1 wpad.internal-
; <<>> DiG 9.16.1-Ubuntu <<>> @10.242.135.1 wpad.internal-
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58565
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
; COOKIE: 0f56987937b2e9a5 (echoed)
;; QUESTION SECTION:
;wpad.internal-
;; ANSWER SECTION:
wpad.internal-
fro1vresweb.
;; Query time: 28 msec
;; SERVER: 10.242.
;; WHEN: Thu Jun 25 09:50:48 CEST 2020
;; MSG SIZE rcvd: 112
Below the full log in /var/log/syslog :
Jun 25 09:39:07 LH25450 NetworkManager[
Jun 25 09:39:07 LH25450 NetworkManager[
Jun 25 09:39:07 LH25450 systemd-
Jun 25 09:39:11 LH25450 NetworkManager[
Jun 25 09:39:11 LH25450 NetworkManager[
Jun 25 09:39:11 LH25450 NetworkManager[
Jun 25 09:39:11 LH25450 NetworkManager[
Jun 25 09:39:11 LH25450 NetworkManager[
Jun 25 09:39:11 LH25450 pppd[106381]: Plugin /usr/lib/
Jun 25 09:39:11 LH25450 NetworkManager[
Jun 25 09:39:11 LH25450 pppd[106381]: pppd 2.4.7 started by root, uid 0
Jun 25 09:39:11 LH25450 pppd[106381]: Using interface ppp0
Jun 25 09:39:11 LH25450 NetworkManager[
Jun 25 09:39:11 LH25450 NetworkManager[
Jun 25 09:39:11 LH25450 pppd[106381]: Connect: ppp0 <--> /dev/pts/0
Jun 25 09:39:11 LH25450 NetworkManager[
Jun 25 09:39:11 LH25450 systemd-
Jun 25 09:39:11 LH25450 NetworkManager[
Jun 25 09:39:11 LH25450 NetworkManager[
Jun 25 09:39:12 LH25450 systemd-
Jun 25 09:39:13 LH25450 systemd-
Jun 25 09:39:14 LH25450 NetworkManager[
Jun 25 09:39:14 LH25450 pppd[106381]: local IP address 10.244.148.1
Jun 25 09:39:14 LH25450 kernel: [92296.251077] audit: type=1400 audit(159307075
Jun 25 09:39:14 LH25450 NetworkManager[
Jun 25 09:39:14 LH25450 NetworkManager[
Jun 25 09:39:14 LH25450 pppd[106381]: remote IP address 192.0.2.1
Jun 25 09:39:14 LH25450 NetworkManager[
Jun 25 09:39:14 LH25450 NetworkManager[
Jun 25 09:39:14 LH25450 NetworkManager[
Jun 25 09:39:14 LH25450 NetworkManager[
Jun 25 09:39:14 LH25450 NetworkManager[
Jun 25 09:39:14 LH25450 NetworkManager[
Jun 25 09:39:14 LH25450 NetworkManager[
Jun 25 09:39:14 LH25450 NetworkManager[
Jun 25 09:39:14 LH25450 NetworkManager[
Jun 25 09:39:14 LH25450 NetworkManager[
Jun 25 09:39:14 LH25450 NetworkManager[
Jun 25 09:39:14 LH25450 NetworkManager[
Jun 25 09:39:14 LH25450 NetworkManager[
Jun 25 09:39:14 LH25450 NetworkManager[
Jun 25 09:39:14 LH25450 NetworkManager[
Jun 25 09:39:14 LH25450 dbus-daemon[704]: [system] Activating via systemd: service name='org.
Jun 25 09:39:14 LH25450 kernel: [92296.281959] audit: type=1400 audit(159307075
Jun 25 09:39:14 LH25450 systemd[1]: Starting Network Manager Script Dispatcher Service...
Jun 25 09:39:14 LH25450 NetworkManager[
Jun 25 09:39:14 LH25450 NetworkManager[
Jun 25 09:39:14 LH25450 dbus-daemon[704]: [system] Successfully activated service 'org.freedeskto
Jun 25 09:39:14 LH25450 systemd[1]: Started Network Manager Script Dispatcher Service.
Jun 25 09:39:14 LH25450 NetworkManager[
Jun 25 09:39:15 LH25450 systemd-
Jun 25 09:39:24 LH25450 systemd-
Jun 25 09:39:24 LH25450 systemd[1]: NetworkManager-
Jun 25 09:39:24 LH25450 systemd-
bmordac@LH25450:~$ sudo nmcli device show
GENERAL.DEVICE: enp0s31f6
GENERAL.TYPE: ethernet
GENERAL.HWADDR: 38:22:E2:C2:F6:C3
GENERAL.MTU: 1500
GENERAL.STATE: 100 (connected)
GENERAL.CONNECTION: Connexion filaire 1
GENERAL.CON-PATH: /org/freedeskto
WIRED-PROPERTIE
IP4.ADDRESS[1]: 192.168.1.3/24
IP4.GATEWAY: 192.168.1.254
IP4.ROUTE[1]: dst = 0.0.0.0/0, nh = 192.168.1.254, mt = 100
IP4.ROUTE[2]: dst = 217.64.156.33/32, nh = 192.168.1.254, mt = 100
IP4.ROUTE[3]: dst = 192.168.1.254/32, nh = 0.0.0.0, mt = 100
IP4.ROUTE[4]: dst = 169.254.0.0/16, nh = 0.0.0.0, mt = 1000
IP4.ROUTE[5]: dst = 192.168.1.0/24, nh = 0.0.0.0, mt = 100
IP4.DNS[1]: 192.168.1.254
IP6.ADDRESS[1]: 2a01:e0a:
IP6.ADDRESS[2]: 2a01:e0a:
IP6.ADDRESS[3]: fe80::ad4c:
IP6.GATEWAY: fe80::160c:
IP6.ROUTE[1]: dst = 2a01:e0a:
IP6.ROUTE[2]: dst = ::/0, nh = fe80::160c:
IP6.ROUTE[3]: dst = fe80::/64, nh = ::, mt = 100
IP6.ROUTE[4]: dst = ff00::/8, nh = ::, mt = 256, table=255
IP6.DNS[1]: fd0f:ee:b0::1
GENERAL.DEVICE: docker0
GENERAL.TYPE: bridge
GENERAL.HWADDR: 02:42:DF:0B:F4:F8
GENERAL.MTU: 1500
GENERAL.STATE: 100 (connected)
GENERAL.CONNECTION: docker0
GENERAL.CON-PATH: /org/freedeskto
IP4.ADDRESS[1]: 172.17.0.1/16
IP4.GATEWAY: --
IP4.ROUTE[1]: dst = 172.17.0.0/16, nh = 0.0.0.0, mt = 0
IP6.GATEWAY: --
GENERAL.DEVICE: ppp0
GENERAL.TYPE: ppp
GENERAL.HWADDR: (unknown)
GENERAL.MTU: 1400
GENERAL.STATE: 30 (disconnected)
GENERAL.CONNECTION: --
GENERAL.CON-PATH: --
GENERAL.DEVICE: wlp0s20f3
GENERAL.TYPE: wifi
GENERAL.HWADDR: 84:C5:A6:31:C2:7F
GENERAL.MTU: 1500
GENERAL.STATE: 20 (unavailable)
GENERAL.CONNECTION: --
GENERAL.CON-PATH: --
GENERAL.DEVICE: lo
GENERAL.TYPE: loopback
GENERAL.HWADDR: 00:00:00:00:00:00
GENERAL.MTU: 65536
GENERAL.STATE: 10 (unmanaged)
GENERAL.CONNECTION: --
GENERAL.CON-PATH: --
IP4.ADDRESS[1]: 127.0.0.1/8
IP4.GATEWAY: --
IP6.ADDRESS[1]: ::1/128
IP6.GATEWAY: --
IP6.ROUTE[1]: dst = ::1/128, nh = ::, mt = 256
bmordac@LH25450:~$
bmordac@LH25450:~$ systemd-resolve --status
Global
LLMNR setting: no
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
DNSSEC NTA: 10.in-addr.arpa
Link 25 (ppp0)
Current Scopes: none
DefaultRoute setting: no
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Link 4 (docker0)
Current Scopes: none
DefaultRoute setting: no
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Link 3 (wlp0s20f3)
Current Scopes: none
DefaultRoute setting: no
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Link 2 (enp0s31f6)
Current Scopes: DNS
DefaultRoute setting: yes
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Current DNS Server: 192.168.1.254
DNS Servers: 192.168.1.254
DNS Domain: ~.
Status changed to 'Confirmed' because the bug affects multiple users.