Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
rafalnarowski
New Contributor II

Created on ‎06-04-2022 12:33 PM Edited on ‎06-07-2022 12:41 AM

VPN connection not working after update to Ubuntu 22.04

Hi,

 

I've been using FortiClient VPN on Ubuntu 20.04 and have no problems. 

Last week I have installed Ubuntu 22.04 from scratch and have several issues connecting to company VPN. 

 

Today I've manage to connect to company VPN but no `bytes received` has to come.

Screenshot from 2022-06-04 21-25-27.png

Logs shows, that some routes are failed to add:
e.g. [sslvpn:DEBG] route:475 Failed add route: addr XX.X.X.X netmask 255.255.0.0 gw XX.X.XXX.X dev vpn
this command fails several times.

 

Could someone help me with this?

 

Also sometimes connecion is not established and have this error in logs: [sslvpn:DEBG] main:1457 exception: Backup routing table failed

 

Regards.

Labels:
28905
0 Kudos
1 Solution
rafalnarowski
New Contributor II

Created on ‎06-20-2022 12:54 AM

Hello, thank's to @Anthony_E  i was able to find solution.

I made changes described here: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1960268/comments/32

 

 

Regards.

View solution in original post

28517
13 REPLIES 13
sw2090
Honored Contributor

Created on ‎06-21-2022 01:23 AM

Maybe it is AppArmor striking you?
I once had an isse with strongswan not setting the DNS servers because AppArmor didn't allow it to write to the resolve.conf.

Maybe something similar is happening here?

I don't run ssl vpn nor forticlient on ubuntu (hence the linux version still lacks any ipsec support) so I cannot verfiy nor test it.

-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

-- "It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
6554
claudemir
New Contributor II
In response to sw2090

Created on ‎07-05-2022 01:45 PM Edited on ‎07-05-2022 01:48 PM

@sw2090 How did you change the permissions of the resolv.conf? Or you did disable apparmor? I want to try with forticlient.

 

Sure of your understanding and grateful for your contribution.

6434
0 Kudos
sw2090
Honored Contributor

Created on ‎07-11-2022 05:12 AM

I changed the AppArmor profile for strongswan to allow writing to the resolv.conf.

-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

-- "It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
6374
0 Kudos
SlavaS
New Contributor II

Created on ‎08-23-2022 01:51 PM

I found this solution in another forum, worked for me - 

(https://community.fortinet.com/t5/Fortinet-Forum/DNS-settings-on-Ubuntu-22-04-and-FortiClient-VPN-7-...)

 

you need to edit NM config

sudo vi /etc/NetworkManager/NetworkManager.conf

and append the following:

 

[keyfile]
unmanaged-devices=interface-name:vpn*,except:interface-name:enp0s3;interface-name:wlan*

 

then restart your service

$ sudo systemctl restart NetworkManager.service

 

5990
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.