openfortivpn
openfortivpn copied to clipboard
adrienverge
Local internet got lost after upgrading to 1.15
Hi, I updated my home PC to ubuntu 21.04 which is using openfortivpn 1.15 and after that after connecting to my company VPN my local internet is disappearing (trying to ping 8.8.8.8 doesn't work). It looks like it is not a DNS but routes problem.
Compiled 1.16 and observed the same behaviour, so I returned back to 1.14.1 where it works. I did a git bisect and the first non working commit is : 08a3516f29a4ad958bfcaab028588056c4f65765 Added support for hostchecks.
And I see two different logs for working and not working version:
Working:
Not working:
In both cases ping to private address works but for the second one doesn't work for public address.
Regards.
Generally speaking, it is often expected that you are isolated from the local network when the VPN is running. It makes perfect sense for your company, although you might see it as annoying.
In your specific case, it remains to check whether your company expects the VPN client to isolate the machine from the local network.
Finally, I don't see how 08a3516 could modify routing, it doesn't make sense. Perhaps 41bbbb9, the next commit?
On the other hand, I do see different DNS servers in the logs between 1.14:
INFO: Got addresses: [10.100.1.20], ns [10.138.255.101, 10.138.255.102], …
and 1.15:
INFO: Got addresses: [10.100.1.20], ns [0.0.0.0, 0.0.0.0]
So I'm wondering whether this could be a DNS issue, perhaps in addition to a routing issue.
Hi,
I suppose if it is a dns issue, I would be able to ping known IP addresses as 8.8.8.8 I understand if the company wants all the internet traffic to go through its network, but this way I have access only to its servers. Usually I don't mind not to have access, I just login on the remote PC and do all my work on it, the problem is that I don't want to redirect the sound, for example I'm running music streaming and video conference tools on the local machine.
I ran both versions (08a3516 vs v1.14.1) in verbose mode and found saw some interesting differences, the older version sets both dns nameservers and multiple routes:
- In 08a3516 I can see
DEBUG: Retrieving configuration
WARN: No gateway address, using interface for routing
DEBUG: Establishing the tunnel
While in v1.14.1
DEBUG: Retrieving configuration
DEBUG: found dns suffix ........ in xml config
DEBUG: found dns server .... in xml config
DEBUG: found dns server .... in xml config
DEBUG: Establishing the tunnel
- Later
INFO: Got addresses: [10.100.0.179], ns [0.0.0.0, 0.0.0.0]
INFO: Negotiation complete.
vs
INFO: Got addresses: [10.100.0.226], ns [10.138.255.101, 10.138.255.102], ns_suffix [.......]
INFO: Negotiation complete.
- At the end
DEBUG: Setting route to vpn server...
DEBUG: ip route show to ....../255.255.255.255 via 192.168.1.1 dev enp34s0
DEBUG: ip route add to ....../255.255.255.255 via 192.168.1.1 dev enp34s0
DEBUG: Deleting the current default route...
DEBUG: ip route del to 0.0.0.0/0.0.0.0 via 192.168.1.1 dev enp34s0
DEBUG: Setting new default route...
DEBUG: ip route add to 0.0.0.0/0.0.0.0 dev ppp0
INFO: Adding VPN nameservers...
DEBUG: Attempting to modify /etc/resolv.conf directly.
INFO: Tunnel is up and running.
in v1.14.1
DEBUG: Setting route to vpn server...
DEBUG: ip route show to ..../255.255.255.255 via 192.168.1.1 dev enp34s0
DEBUG: ip route add to ..../255.255.255.255 via 192.168.1.1 dev enp34s0
DEBUG: ip route add to ..../255.0.0.0 dev ppp0
DEBUG: ip route add to ..../255.255.0.0 dev ppp0
DEBUG: ip route add to ..../255.255.255.0 dev ppp0
DEBUG: ip route add to ..../255.255.255.0 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.254.0 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
WARN: Route to gateway exists already.
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
WARN: Route to gateway exists already.
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
WARN: Route to gateway exists already.
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
WARN: Route to gateway exists already.
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.0 dev ppp0
DEBUG: ip route add to ..../255.255.255.0 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.248.0 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.252.0 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.254.0 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.255 dev ppp0
DEBUG: ip route add to ..../255.255.255.0 dev ppp0
DEBUG: ip route add to ..../255.255.0.0 dev ppp0
DEBUG: ip route add to ..../255.255.192.0 dev ppp0
INFO: Adding VPN nameservers...
DEBUG: Attempting to modify /etc/resolv.conf directly.
DEBUG: Adding "nameserver ....", to /etc/resolv.conf.
DEBUG: Adding "nameserver ....", to /etc/resolv.conf.
DEBUG: Adding "search ....", to /etc/resolv.conf.
INFO: Tunnel is up and running.
Deleted some private IP addresses.