Looks like that's still a bug in Xenial… :-(
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to network-manager-openvpn in Ubuntu.
https://bugs.launchpad.net/bugs/1012533
Title:
No route to VPN server added when connected via Mobile Broadband
Status in network-manager-openvpn package in Ubuntu:
Confirmed
Bug description:
Ubuntu 12.04 LTS
network-manager-openvpn 0.9.4.0-ubuntu1
I'm trying to use OpenVPN via Network Manager in a configuration that passes
all traffic over the VPN tunnel (i.e. the default route is set to tun0).
This works fine when using wifi as the underlying network connection,
but does not work when I use UMTS ("Mobile Broadband") as the
underlying connection. (Both connections work fine for accessing the
Internet without VPN.)
The tunnel is established but no traffic is passed over it, because
the routing table is wrong.
Using OpenVPN over wifi, the routing table looks something like this
after the VPN connection is established:
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.1.1.53 0.0.0.0 UG 0 0 0 tun0
[...]
10.1.1.53 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
[...]
172.16.250.0 0.0.0.0 255.255.255.0 U 2 0 0 wlan0
192.0.2.115 172.16.250.254 255.255.255.255 UGH 0 0 0 wlan0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlan0
[...]
As you can see, there is a host route to the VPN server (192.0.2.115), and a
default route to the tunnel interface. Thus, everything works as expected.
(I have redacted our internal routes that are pushed via OpenVPN and are also
in the routing table, because they are not relevant for this problem.)
Using Mobile Broadband, the routing table looks something like this
(without VPN)
# ifconfig hso0
hso0 Link encap:UNSPEC HWaddr
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:93.111.28.239 P-t-P:93.111.28.239 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1486 Metric:1
RX packets:437 errors:0 dropped:0 overruns:0 frame:0
TX packets:442 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:10
RX bytes:46787 (46.7 KB) TX bytes:95946 (95.9 KB)
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 hso0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 hso0
After the VPN connection is established, it looks something like this:
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.222.193.53 0.0.0.0 UG 0 0 0 tun0
[...]
10.222.193.53 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 hso0
[...]
There is a default route to the tunnel interface, but no host route to
the VPN server. Therefor, the VPN-encapsulated datagrams are sent to
the VPN interface once again, which clearly is not right.
Why does Network Manager not add the host route like it does when
connected over wifi? Is it because hso0 is a P-t-P link?
To work around this, I currently run
# ip route add 192.0.2.115/32 dev hso0
which solves the problem, but it's annoying to have to do this by hand
every time.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/1012533/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
