You are not logged in.
- Topics: Active | Unanswered
#1 2014-07-04 08:12:41
- Squarex
- Member
- Registered: 2012-07-08
- Posts: 6
[SOLVED] Make NetworkManager disconnect after VPN connection is lost
Hi,
I'm using NetworkManager with OpenVPN. The problem is when the connection to the VPN is lost, the traffic flows unencrypted. I need it to transmit no data when it isn't connected to the VPN. How to make it disconnect from physical network after VPN connection is lost? Would it be possible using NetworkManager dispatcher?
Last edited by Squarex (2014-07-04 20:20:02)
Offline
#2 2014-07-04 15:57:40
- Rob_H
- Member
- Registered: 2012-06-19
- Posts: 72
Re: [SOLVED] Make NetworkManager disconnect after VPN connection is lost
You could probably use the NetworkManager dispatcher for this. The nmcli command can shutdown the interface programmatically from a script.
But you might be able to achieve the same thing without a script by setting a static default route that sends traffic ONLY to the VPN gateway. That way if the VPN gets disconnected, the traffic has nowhere to go. This assumes that the internal VPN gateway address doesn't change and is on a non-routable subnet like 10.0.0.0/8.
Offline
#3 2014-07-04 17:36:49
- Squarex
- Member
- Registered: 2012-07-08
- Posts: 6
Re: [SOLVED] Make NetworkManager disconnect after VPN connection is lost
But you might be able to achieve the same thing without a script by setting a static default route that sends traffic ONLY to the VPN gateway. That way if the VPN gets disconnected, the traffic has nowhere to go. This assumes that the internal VPN gateway address doesn't change and is on a non-routable subnet like 10.0.0.0/8.
Thanks. I probably could, but I would rather be able to use multiple OpenVPN servers (because the provider I use normally chooses the least loaded VPN server). How can I set default route to network that is not connectable at the moment? Using route add command I get SIOCADDRT: Network is unreachable, when I tried to change it in gui (plasma-nm), it won't save and changing config file doesn't seem to change anything.
Offline
#4 2014-07-04 18:05:03
- firecat53
- Member
- From: Lake Stevens, WA, USA
- Registered: 2007-05-14
- Posts: 1,542
- Website
Re: [SOLVED] Make NetworkManager disconnect after VPN connection is lost
This seems to work well after brief testing. Puts my wifi down if I turn off the VPN. You'd have to test and see if it would pick up when the VPN dies on its own.
-rwxr--r-- 1 root root 151 Jul 4 10:55 /etc/NetworkManager/dispatcher.d/vpn
#!/bin/sh
### Kill connection when VPN stops
if [ $2 == 'vpn-down' ]; then
nmcli dev disconnect iface $(nmcli --terse --fields DEVICE dev status)
fiScott
Last edited by firecat53 (2014-07-04 18:06:09)
Offline
#5 2014-07-04 20:17:59
- Squarex
- Member
- Registered: 2012-07-08
- Posts: 6
Re: [SOLVED] Make NetworkManager disconnect after VPN connection is lost
This seems to work well after brief testing. Puts my wifi down if I turn off the VPN. You'd have to test and see if it would pick up when the VPN dies on its own.
-rwxr--r-- 1 root root 151 Jul 4 10:55 /etc/NetworkManager/dispatcher.d/vpn #!/bin/sh ### Kill connection when VPN stops if [ $2 == 'vpn-down' ]; then nmcli dev disconnect iface $(nmcli --terse --fields DEVICE dev status) fiScott
Thank you. It seems to work. I will test if it works everytime.
Last edited by Squarex (2014-07-04 20:19:00)
Offline