I’m trying to use openconnect to connect to my organisation’s VPN. My organisation has purchased GlobalProtect but never thought that people will access the systems using Linux OS. So i am using openconnect with these commands as root:
That may mean very different things for different people. Please explain what exactly are you trying to do when it “stops working”, what do you expect and what do you observe.
Also please post output of the following commands before and after you established VPN connection.
Thanks for your reply. I have openconnect version 8.10 installed from network repo.
Once, as root in a terminal, the connection is established, my internet connection stops ie i cannot browse any sites. I can again connect to the net once i kill the VPN connection by pressing Ctrl+C. I don’t know what else to say.
Before establishing VPN connection:
ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
link/ether 58:8a:5a:30:0c:50 brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 9c:30:5b:bc:f0:69 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.5/24 brd 192.168.1.255 scope global dynamic noprefixroute wlan0
valid_lft 81277sec preferred_lft 81277sec
inet6 fe80::1056:c35e:89cd:b1e4/64 scope link noprefixroute
valid_lft forever preferred_lft forever
ip r
default via 192.168.1.1 dev wlan0 proto dhcp metric 600
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.5 metric 600
ip -6 r
::1 dev lo proto kernel metric 256 pref medium
fe80::/64 dev wlan0 proto kernel metric 600 pref medium
cat /etc/resolv.conf
### /etc/resolv.conf is a symlink to /var/run/netconfig/resolv.conf
### autogenerated by netconfig!
#
# Before you change this file manually, consider to define the
# static DNS configuration using the following variables in the
# /etc/sysconfig/network/config file:
# NETCONFIG_DNS_STATIC_SEARCHLIST
# NETCONFIG_DNS_STATIC_SERVERS
# NETCONFIG_DNS_FORWARDER
# or disable DNS configuration updates via netconfig by setting:
# NETCONFIG_DNS_POLICY=''
#
# See also the netconfig(8) manual page and other documentation.
#
### Call "netconfig update -f" to force adjusting of /etc/resolv.conf.
nameserver 61.0.2.2
nameserver 8.8.8.8
**After establishing VPN connection using openconnect --protocol=gp --script /etc/openconnect/vpnc-script https://ipaddr -u username:
** ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
link/ether 58:8a:5a:30:0c:50 brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 9c:30:5b:bc:f0:69 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.5/24 brd 192.168.1.255 scope global dynamic noprefixroute wlan0
valid_lft 80635sec preferred_lft 80635sec
inet6 fe80::1056:c35e:89cd:b1e4/64 scope link noprefixroute
valid_lft forever preferred_lft forever
17: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1422 qdisc pfifo_fast state UNKNOWN group default qlen 500
link/none
inet 192.168.100.19/32 scope global tun0
valid_lft forever preferred_lft forever
inet6 fe80::c250:9591:f963:b080/64 scope link stable-privacy
valid_lft forever preferred_lft forever
**ip r
**
default dev tun0 scope link
default via 192.168.1.1 dev wlan0 proto dhcp metric 600
14.139.53.129 via 192.168.1.1 dev wlan0 src 192.168.1.5
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.5 metric 600
192.168.100.19 dev tun0 scope link
ip -6 r
::1 dev lo proto kernel metric 256 pref medium
fe80::/64 dev tun0 proto kernel metric 256 pref medium
fe80::/64 dev wlan0 proto kernel metric 600 pref medium
cat /etc/resolv.conf
### /etc/resolv.conf is a symlink to /var/run/netconfig/resolv.conf
### autogenerated by netconfig!
#
# Before you change this file manually, consider to define the
# static DNS configuration using the following variables in the
# /etc/sysconfig/network/config file:
# NETCONFIG_DNS_STATIC_SEARCHLIST
# NETCONFIG_DNS_STATIC_SERVERS
# NETCONFIG_DNS_FORWARDER
# or disable DNS configuration updates via netconfig by setting:
# NETCONFIG_DNS_POLICY=''
#
# See also the netconfig(8) manual page and other documentation.
#
### Call "netconfig update -f" to force adjusting of /etc/resolv.conf.
nameserver 61.0.2.2
nameserver 8.8.8.8
Please always copy and paste full lines with command, its output and subsequent shell prompt. This way we know that output was actually produced by this command and that the output is complete.
default dev tun0 scope link
Your VPN connection installs default route via your VPN server. You said “organization”; it is quite likely that your organization does not allow direct Internet connection. Mine organization certainly does not
To verify, you can provide output of
ip route get 8.8.8.8
ping 8.8.8.8
ping -4 dns.google