Ubuntu
network-manager-openconnect package

  1. Bug #1489578
  2. Comment #0

Comment 0 for bug 1489578

Revision history for this message
nemith (bennetb) wrote :

After connecting to an openconnect VPN IPv4 and IPv6 default routes should be updated to go through the VPN instead of directly out any physical nic.

I have found this works fine for IPv4.
IPv4 Before connecting
````
ip route listmtr
default via 10.10.4.1 dev eth1
default via 10.10.4.1 dev eth1 proto static metric 1024
10.10.4.0/24 dev eth1 proto kernel scope link src 10.10.4.195
169.254.0.0/16 dev eth1 scope link metric 1000
172.26.12.0/22 dev wlan0 proto kernel scope link src 172.26.12.122
192.168.12.165 via 172.26.12.1 dev wlan0 proto dhcp metric 10
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1
```

IPv4 After
```
default dev vpn0 proto static scope link metric 1024
10.10.4.0/24 dev eth1 proto kernel scope link src 10.10.4.195
169.254.0.0/16 dev eth1 scope link metric 1000
172.26.12.0/22 dev wlan0 proto kernel scope link src 172.26.12.122
172.26.112.0/20 dev vpn0 proto kernel scope link src 172.26.125.30
192.168.12.165 via 172.26.12.1 dev wlan0 proto dhcp metric 10
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1
199.201.64.20 via 10.10.4.1 dev eth1 proto static metric 1
```

With IPv6 the VPN route is added but with the same metric so no traffic is ever taking the tunnel for IPv6. If i use the command line openconnect tool (bypassing network-manager) it installs a default route with a metric of 1 (still does not remove the other route) which allows tunneling.

IPv6 Before:
```
2620:10d:c081:1103::/64 dev wlan0 proto kernel metric 256 expires 603730sec
fe80::/64 dev eth1 proto kernel metric 256
fe80::/64 dev wlan0 proto kernel metric 256
default via fe80::5:73ff:fea0:c2a dev wlan0 proto static metric 1024
```

IPv6 After:
```
2620:10d:c081:1103::/64 dev wlan0 proto ra metric 10
2620:10d:c081:1110::/64 dev vpn0 proto kernel metric 256
fe80::/64 dev eth1 proto kernel metric 256
fe80::/64 dev wlan0 proto kernel metric 256
default via fe80::5:73ff:fea0:c2a dev wlan0 proto static metric 1024
default dev vpn0 proto static metric 1024
```

ProblemType: Bug
DistroRelease: Ubuntu 15.04
Package: network-manager-openconnect 0.9.10.0-1ubuntu2
ProcVersionSignature: Ubuntu 3.19.0-26.28-generic 3.19.8-ckt4
Uname: Linux 3.19.0-26-generic x86_64
ApportVersion: 2.17.2-0ubuntu1.3
Architecture: amd64
CurrentDesktop: Unity
Date: Thu Aug 27 13:18:57 2015
InstallationDate: Installed on 2015-08-03 (24 days ago)
InstallationMedia: Ubuntu 15.04 "Vivid Vervet" - Release amd64 (20150422)
SourcePackage: network-manager-openconnect
UpgradeStatus: No upgrade log present (probably fresh install)