
When I disconnect from my company's VPN in Ubuntu 21.10 (using the Gnome GUI for VPN connect/disconnect), I do not have the previous DNS server entries in /etc/resolv.conf. Can anybody help sort this issue out? I will list the states below and try to explain them briefly:

After boot of Ubuntu, DNS server is correct - my local router's IP:

$ ls -al /etc/resolv.conf
lrwxrwxrwx 1 root root 34 apr 22 15:44 /etc/resolv.conf -> ../run/systemd/resolve/resolv.conf

$ cat /etc/resolv.conf | grep nameserver
nameserver 192.168.2.1

After the VPN is connected, my company's DNS servers are added (note there is also 192.168.2.106, and I have no clue where it comes from. It used to be my local DNS server in the past but it does not exist anymore, so this is the first mystery for me: where is this IP taken from?):

$ cat /etc/resolv.conf | grep nameserver
nameserver 21x.xx.xx.x0
nameserver 21x.xx.xx.x1
nameserver 192.168.2.106

After I disconnect the VPN, notice that 2xx.xx.xx.x1 is kept; sometimes it is even in first place, so it tries to use my company's DNS, which is wrong:

$ cat /etc/resolv.conf | grep nameserver
nameserver 192.168.2.1
nameserver 2xx.xx.xx.x1

In journal log I found this error, not sure whether it is related:

systemd-resolved[1580]: Failed to save link data /run/systemd/resolve/netif/6: Permission denied

Any help is appreciated.

EDIT: adding some further information below. My company uses Palo Alto Global Protect VPN, I connect to it using network-manager-openconnect-gnome. I did not install any other 3rd party vpn related software. But the DNS problem I describe is present also when I connect to my personal openvpn server. My personal VPN server is configured to push 8.8.8.8 and 8.8.4.4 as DNS servers. See below, the problem is present also with this VPN.

Clean boot:

$ cat /etc/resolv.conf | grep nameserver
nameserver 192.168.2.1

Openvpn connect:

$ cat /etc/resolv.conf | grep nameserver
nameserver 8.8.8.8
nameserver 8.8.4.4

Openvpn disconnected (see one DNS from vpn was kept):

$ cat /etc/resolv.conf | grep nameserver
nameserver 192.168.2.1
nameserver 8.8.4.4
user241281
  • Since this is your company's VPN it may be hard to troubleshoot. Could you edit your question and add the following: Which protocol does the company VPN use, openvpn, wireguard, something else? Which apps did you install? Please describe the exact steps you followed, such as installation of additional software, download of files, configuration, etc. – user68186 May 23 '22 at 19:58
  • I added some further information. Note the problem is a general VPN problem and not related to a specific VPN. The company for which I work uses Palo Alto GP VPN and I use another personal openconnect VPN, and the problem is present for both. Network manager simply does not restore the "previous non-vpn" DNS server for some reason. – user241281 May 24 '22 at 06:15
  • It sounds like you have found a bug! Consider reporting the bug assuming it has not been reported already. If the bug was reported, add yourself to the "This bug affects me". Bugs are off topic here. – user68186 May 24 '22 at 14:02
  • I opened a bug. But now I tested the same issue in Ubuntu 22.04 LTS. There the problem is not reproducible so I doubt somebody will fix it in an old non-LTS version. I do not use 22.04 LTS yet as there is another bug - Palo Alto Global Protect VPN can't be activated via Network Manager's GUI... – user241281 May 25 '22 at 09:48
  • Can you reproduce the bug in 20.04? Even though 20.10 will be EOL in a few months, 20.04 LTS will be supported for a few years. – user68186 May 25 '22 at 13:40
  • Yes, the issue is present also in 20.04. Although it was not reproduced with the first VPN connect/disconnect but then further VPN disconnection did not restore the DNS servers properly. – user241281 May 26 '22 at 05:04
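
An added example, not part of the question or its comments: a POSIX shell check that lists nameservers still present in a resolv.conf file after a VPN disconnect but absent from a snapshot taken at clean boot. The function names and the idea of keeping a baseline copy are assumptions; the sample data is constructed from the OpenVPN case in the question.

```shell
#!/bin/sh
# Added example: flag resolvers left behind in resolv.conf after a VPN disconnect.

# stale_resolvers BASELINE_FILE CURRENT_FILE
# Prints each nameserver found in CURRENT_FILE that BASELINE_FILE does not list.
# Exit status is 1 when at least one such resolver exists, 0 otherwise.
stale_resolvers() {
    awk '
        # Only "nameserver <addr>" lines matter; skip comments, search, options.
        $1 != "nameserver" || $2 == "" { next }
        # First file: remember the resolvers that were present at clean boot.
        FILENAME == ARGV[1] { known[$2] = 1; next }
        # Second file: report anything new, once, wherever it sits in the list.
        !($2 in known) && !seen[$2]++ { print $2; stale = 1 }
        END { exit stale + 0 }
    ' "$1" "$2"
}

# Constructed sample: "clean boot" and "OpenVPN disconnected" states from the post.
demo() (
    dir=$(mktemp -d) || exit 2
    trap 'rm -rf "$dir"' EXIT
    printf 'nameserver 192.168.2.1\n' > "$dir/boot"
    printf 'nameserver 192.168.2.1\nnameserver 8.8.4.4\n' > "$dir/after"
    stale_resolvers "$dir/boot" "$dir/after"
)

# Prints 8.8.4.4, the resolver pushed by the VPN that survived the disconnect.
demo || echo "resolver(s) above were not present at clean boot"
```

On a live system, copy /etc/resolv.conf to a baseline file right after boot, then run `stale_resolvers` with that baseline and /etc/resolv.conf after each disconnect; a non-zero exit means lookups can still go to a resolver the VPN supplied.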

0 Answers