You are not logged in.

#1 2016-04-18 18:19:43

HerbertJones
Member
Registered: 2012-10-04
Posts: 3

VPN routing no longer works with linux-4.5-1. Fine with linux-4.4.5-1.

As far as I can tell, nothing else has changed.  I rolled back to 4.4.5 after debugging.  Routing tables same and connection setup correctly.  However with 4.5, no data appears to be transmitted across VPN tunnel.  Trying to ping IP behind VPN connection results in(after waiting a minute or more):

ping: sendmsg: No buffer space available

I don't see any errors in the VPN connection logs nor in journalctl.  "ip route get" shows VPN tunnel correct for both kernels, but only 4.4.5 works.

Last edited by HerbertJones (2016-04-18 18:21:15)

Offline

#2 2016-04-18 18:33:26

dhiru1602
Member
Registered: 2015-01-28
Posts: 13

Re: VPN routing no longer works with linux-4.5-1. Fine with linux-4.4.5-1.

What kind of VPN are you trying to connect to? OpenVPN or PPTP or something else?

Check your network connection MTU to make sure it's set to proper value.

Offline

#3 2016-04-19 01:16:41

Buddlespit
Member
From: Chesapeake, Va.
Registered: 2014-02-07
Posts: 501

Re: VPN routing no longer works with linux-4.5-1. Fine with linux-4.4.5-1.

Ya, gonna need a lot more info. My VPN seems to be working properly:

$ uname -a
Linux Pats_Main 4.5.0-1-ARCH #1 SMP PREEMPT Tue Mar 15 09:41:03 CET 2016 x86_64 GNU/Linux
$ ifconfig
enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.57  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::d250:99ff:fe51:55d7  prefixlen 64  scopeid 0x20<link>
        ether d0:50:99:51:55:d7  txqueuelen 1000  (Ethernet)
        RX packets 96135  bytes 75057100 (71.5 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 72999  bytes 12460946 (11.8 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 29  

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1  (Local Loopback)
        RX packets 6  bytes 300 (300.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 6  bytes 300 (300.0 B)                                                                                                                    
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0                                                                                           
                                                                                                                                                             
tap0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500                                                                                                   
        inet 10.10.10.22  netmask 255.255.255.0  broadcast 10.10.10.255                                                                                      
        inet6 fe80::348c:ff:fea6:3bb3  prefixlen 64  scopeid 0x20<link>                                                                                      
        ether 36:8c:00:a6:3b:b3  txqueuelen 100  (Ethernet)                                                                                                  
        RX packets 220  bytes 64466 (62.9 KiB)                                                                                                               
        RX errors 0  dropped 0  overruns 0  frame 0                                                                                                          
        TX packets 328  bytes 48233 (47.1 KiB)                                                                                                               
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0                                                                                           
$ ping -c3 google.com
PING google.com (172.217.1.110) 56(84) bytes of data.
64 bytes from yyz08s09-in-f14.1e100.net (172.217.1.110): icmp_seq=1 ttl=55 time=60.1 ms
64 bytes from yyz08s09-in-f14.1e100.net (172.217.1.110): icmp_seq=2 ttl=55 time=58.4 ms
64 bytes from yyz08s09-in-f14.1e100.net (172.217.1.110): icmp_seq=3 ttl=55 time=59.2 ms

--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 58.407/59.261/60.148/0.711 ms

Offline

#4 2016-04-21 16:10:31

safrax
Member
Registered: 2011-06-04
Posts: 13

Re: VPN routing no longer works with linux-4.5-1. Fine with linux-4.4.5-1.

I'm experiencing this too using a Juniper SSL VPN with either openconnect or juniper's network connect client.

Offline

#5 2016-04-30 19:55:42

orgads
Member
Registered: 2016-04-30
Posts: 1

Re: VPN routing no longer works with linux-4.5-1. Fine with linux-4.4.5-1.

Same here with debian sid. Does anyone has a solution? A way to trace the problem?

Offline

#6 2016-05-17 00:50:51

HerbertJones
Member
Registered: 2012-10-04
Posts: 3

Re: VPN routing no longer works with linux-4.5-1. Fine with linux-4.4.5-1.

I've switched to the openconnect client as I am unable to find an official updated Juniper client for Linux.

pacman -S openconnect

#!/bin/bash

# Add your credentials
declare -r vpn_user="Your username"
declare -r vpn_password="Your password"

declare -r connect_hostname="Your VPN host"

main()
{
  echo -n "${vpn_password}" |
    /usr/bin/openconnect \
      --juniper \
      --user="${vpn_user}" \
      --passwd-on-stdin \
      "${connect_hostname}"
}

main

Offline

#7 2016-06-08 12:54:24

yaroslav
Member
Registered: 2010-01-11
Posts: 3

Re: VPN routing no longer works with linux-4.5-1. Fine with linux-4.4.5-1.

I have the same problem with Juniper Network Connect on 4.5.5 kernel. Any suggestions on how to debug it?

Offline

Board footer

Powered by FluxBB