Hi,
I've been using FortiClient VPN on Ubuntu 20.04 and have no problems.
Last week I have installed Ubuntu 22.04 from scratch and have several issues connecting to company VPN.
Today I've manage to connect to company VPN but no `bytes received` has to come.
Logs shows, that some routes are failed to add:
e.g. [sslvpn:DEBG] route:475 Failed add route: addr XX.X.X.X netmask 255.255.0.0 gw XX.X.XXX.X dev vpn
this command fails several times.
Could someone help me with this?
Also sometimes connecion is not established and have this error in logs: [sslvpn:DEBG] main:1457 exception: Backup routing table failed
Regards.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello, thank's to @Anthony_E i was able to find solution.
I made changes described here: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1960268/comments/32
Regards.
Maybe it is AppArmor striking you?
I once had an isse with strongswan not setting the DNS servers because AppArmor didn't allow it to write to the resolve.conf.
Maybe something similar is happening here?
I don't run ssl vpn nor forticlient on ubuntu (hence the linux version still lacks any ipsec support) so I cannot verfiy nor test it.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Created on 07-05-2022 01:45 PM Edited on 07-05-2022 01:48 PM
@sw2090 How did you change the permissions of the resolv.conf? Or you did disable apparmor? I want to try with forticlient.
Sure of your understanding and grateful for your contribution.
I changed the AppArmor profile for strongswan to allow writing to the resolv.conf.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
I found this solution in another forum, worked for me -
you need to edit NM config
sudo vi /etc/NetworkManager/NetworkManager.conf
and append the following:
[keyfile]
unmanaged-devices=interface-name:vpn*,except:interface-name:enp0s3;interface-name:wlan*
then restart your service
$ sudo systemctl restart NetworkManager.service
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1692 | |
1087 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.