network manager open connect establishes connect but vpn does not work after connection is establlished.

Bug #1502847 reported by Lafa on 2015-10-05
80
This bug affects 15 people
Affects Status Importance Assigned to Milestone
network-manager-openconnect (Ubuntu)
Medium
Unassigned
vpnc-scripts (Ubuntu)
Medium
Unassigned

Bug Description

I tried using network-manager in Ubuntu Gnome 15.10, it does establish the connection but I can not load any web pages or connect to any company machines.

This work fine in Ubuntu 15.04.

I also tried openconnect command line like this:

sudo openconnect --user=USER server/PATH

It also connects but even on the command line I have to add a default route to the tun0 device

sudo route add default gw IPADDRESS tun0

After that it works on cmd line, using network-manger I was not able to make it work.

DNS seems to be working great, after the NetworkManager established the vpn connection,
But I'm able to route any ip traffic.

This the Routing table using Ubuntu gnome Network Manager openconnect, after the vpn connection is established.

$ sudo route -n
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 0.0.0.0 0.0.0.0 U 50 0 0 vpn0
0.0.0.0 192.168.254.254 0.0.0.0 UG 600 0 0 wlp1s0
10.87.160.0 0.0.0.0 255.255.224.0 U 50 0 0 vpn0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 virbr0
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
192.168.254.0 0.0.0.0 255.255.255.0 U 600 0 0 wlp1s0
216.145.48.150 192.168.254.254 255.255.255.255 UGH 600 0 0 wlp1s0

ProblemType: Bug
DistroRelease: Ubuntu 15.10
Package: network-manager-openconnect 1.0.2-1build1
ProcVersionSignature: Ubuntu 4.2.0-12.14-generic 4.2.1
Uname: Linux 4.2.0-12-generic x86_64
ApportVersion: 2.19-0ubuntu1
Architecture: amd64
CurrentDesktop: GNOME
Date: Mon Oct 5 03:27:06 2015
InstallationDate: Installed on 2015-09-28 (7 days ago)
InstallationMedia: Ubuntu-GNOME 15.10 "Wily Werewolf" - Alpha amd64 (20150924)
ProcEnviron:
 TERM=xterm-256color
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: network-manager-openconnect
UpgradeStatus: No upgrade log present (probably fresh install)

Lafa (luis-alves) wrote :
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in network-manager-openconnect (Ubuntu):
status: New → Confirmed
Changed in network-manager-openconnect (Ubuntu):
importance: Undecided → Medium
swatteam229 (swatteam229) wrote :

Please increase the importance if possible.
openconnect VPN in 15.10 is not working for me but does have the wifi driver for MSI GT72 ( Awesome ). 15.04 has the working VPN but not the wifi..

Thanks you all for Ubuntu !
James

This fixes the problem for me after vpnc connected:

    sudo ip route add default dev tun0

I wonder if vpnc is failing to do this itself, or if NetworkManager is getting in the way.

Lafa (luis-alves) wrote :

O posted a permanent fix to the vpnc script in here, that works for openconnect on the command line.
http://askubuntu.com/questions/681687/openconnect-vpn-setup-is-failing-in-ubuntu-15-10

Thomas Uebel (t-uebel) wrote :

The proposed permanent fix mentioned in #5 does not work for me.

Ivo Raisr (ivosh-d) wrote :

I am also affected by this bug. The following workaround works for me:
sudo ip route replace default via 0.0.0.0 dev tun0

I can provide lots of debugging information if needed.

Steve Hellwege (hellwege) wrote :

A permanent fix that worked:

Create a file: /etc/vpnc/post-connect.d/fix-default-route

Contents:

ip route replace default via 0.0.0.0 dev tun0

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in openconnect (Ubuntu):
status: New → Confirmed
Emilio Devspark (ecorengia) wrote :

Similar thing happens in Xubuntu 16.04 LTS "Xenial Xerus" - beta 2.
I'm able to connect eventually, but I'm getting disconnected constantly from OpenVPN client.

Changed in openconnect (Ubuntu):
importance: Undecided → Medium
Blackgr (blackfate86) wrote :

Hello,

A bit late to the party. Have you tried changing the tun0 mss?

sudo iptables -A OUTPUT -o tun0 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1362

Thanks,
Alex

Mike Miller (mtmiller) wrote :

Reassigning from openconnect to vpnc-scripts, openconnect itself has nothing to do with configuring the routing table after establishing a VPN connection.

Does this bug actually affect openconnect command-line connections, or only connections established using NetworkManager?

affects: openconnect (Ubuntu) → vpnc-scripts (Ubuntu)
Changed in vpnc-scripts (Ubuntu):
status: Confirmed → Incomplete
Moritz Baumann (mo42) wrote :

Command-line connections are not affected anymore, those have been fixed by some update in the meantime. Only connections via the NetworkManager plugin are still affected.

Mike Miller (mtmiller) on 2018-02-23
Changed in vpnc-scripts (Ubuntu):
status: Incomplete → Invalid
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers