On Friday, 8 June 2018 23:21:52 BST Grant Taylor wrote: > On 06/08/2018 03:31 PM, Hilco Wijbenga wrote: > > Sigh, I take it back. That causes the internal sites to no longer work. > > Okay. > > So you're on the proper track. > > I'm guessing the work network isn't a simple single prefix. Or at least > the VPN client doesn't route enough through the VPN. > > Check your routing table with the VPN connected. Is enough being routed > through? Do you need to add additional prefixes? > > If DNS is working properly for internal resources, make sure that what > they resolve to is routed through the VPN.
I don't know what networkmanager offers in terms of VPN settings, but as Grant says you need to set split routing. As it currently is, everything is sent out through the tunnel and your work's router is not set up to route out to the Internet your VPN connection. If networkmanager does not get you what you want, you can do this with 'ip route'. Delete the default route, then set again the default route via the your local gateway: # ip route del default via 192.168.1.254 dev wlan0 # ip route add default via 192.168.1.254 dev wlan0 then create an additional route for the remote subnet if it's not there: # ip route add 10.10.20.0/24 via 172.16.1.1 dev wlan0 Where 10.10.20.0/24 is your work's subnet and 172.16.1.1 is the local VPN IP address for your PC. Something along these lines ought to work. -- Regards, Mick
signature.asc
Description: This is a digitally signed message part.
