Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
rafalnarowski
New Contributor II

VPN connection not working after update to Ubuntu 22.04

Hi,

 

I've been using FortiClient VPN on Ubuntu 20.04 and have no problems. 

Last week I have installed Ubuntu 22.04 from scratch and have several issues connecting to company VPN. 

 

Today I've manage to connect to company VPN but no `bytes received` has to come.

Screenshot from 2022-06-04 21-25-27.png

Logs shows, that some routes are failed to add:
e.g. [sslvpn:DEBG] route:475 Failed add route: addr XX.X.X.X netmask 255.255.0.0 gw XX.X.XXX.X dev vpn
this command fails several times.

 

Could someone help me with this?

 

Also sometimes connecion is not established and have this error in logs: [sslvpn:DEBG] main:1457 exception: Backup routing table failed

 

Regards.

1 Solution
rafalnarowski
New Contributor II

Hello, thank's to @Anthony_E  i was able to find solution.

I made changes described here: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1960268/comments/32

 

 

Regards.

View solution in original post

13 REPLIES 13
sw2090
SuperUser
SuperUser

Maybe it is AppArmor striking you?
I once had an isse with strongswan not setting the DNS servers because AppArmor didn't allow it to write to the resolve.conf.

Maybe something similar is happening here?

I don't run ssl vpn nor forticlient on ubuntu (hence the linux version still lacks any ipsec support) so I cannot verfiy nor test it.

-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

-- "It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
claudemir
New Contributor II

@sw2090 How did you change the permissions of the resolv.conf? Or you did disable apparmor? I want to try with forticlient.

 

Sure of your understanding and grateful for your contribution.

sw2090
SuperUser
SuperUser

I changed the AppArmor profile for strongswan to allow writing to the resolv.conf.

-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

-- "It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
SlavaS
New Contributor II

I found this solution in another forum, worked for me - 

(https://community.fortinet.com/t5/Fortinet-Forum/DNS-settings-on-Ubuntu-22-04-and-FortiClient-VPN-7-...)

 

you need to edit NM config

sudo vi /etc/NetworkManager/NetworkManager.conf

and append the following:

 

[keyfile]
unmanaged-devices=interface-name:vpn*,except:interface-name:enp0s3;interface-name:wlan*

 

then restart your service

$ sudo systemctl restart NetworkManager.service

 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors