Routing doesn't work on Ubuntu 14.04
David Woodhouse
dwmw2 at infradead.org
Thu Feb 13 05:02:23 EST 2014
On Thu, 2014-02-13 at 10:28 +0100, Andreas Profous wrote:
>
> CSTP connected. DPD 180, Keepalive 30
> Connected tun0 as 10.111.11.111, using SSL
> Established DTLS connection (using OpenSSL)
> ----
>
> That's it, it just hangs there. In another thread I've read that the
> issue is with the routing, i.e. that the actual VPN connection has
> actually been established. But I don't know how to fix this. Moreover,
> with the *exact* same setup, the VPN connection on Mac OS X Mavericks
> works just fine.
Firstly, why not just configure your VPN through NetworkManager and use
the GUI? That probably ought to be a lot easier, and should get the
routing right.
Secondly, you haven't actually described a problem :)
You're quite right that it *is* connected, and it's *supposed* to just
"hang" there. It's not hung; it's happily passing packets between the
local 'tun0' interface and the VPN for you.
While it's running like this, can you not reach servers within the VPN?
Is it actually *routing*, or just DNS? Perhaps you could reach internal
servers by IP address but just not by name?
Can you show the output of the 'ip route' and 'ip addr' commands (from
another terminal, of course), while openconnect is running like this?
And also the contents of /etc/resolv.conf.
Please also add '-v' to the openconnect command line, so we can see the
internal routing/DNS information that the server gives you, and check
that it's being set up properly.
--
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5745 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20140213/81f1ed14/attachment-0001.bin>
More information about the openconnect-devel
mailing list