default gateway problem (maybe network-manager?)
Posted: Fri Sep 02, 2016 8:50 am
Hi,
Sorry, for my poor English.
The aim would be to go to the client's overall network traffic through the VPN.
Windows client it works, so I think that the my vpn server configuration is OK.
My system is up-to-date Debian Jessie x64, Softether VPN Client (and Server)
version 4.20, Build 9608, rtm (2016. 04. 17.).
My laptop wireless interface is configured in the network-manager program. I
rebooted my laptop between two test.
# dpkg -l isc-dhcp-client network-manager | sed 1,6d
ii isc-dhcp-client 4.3.1-6+deb8u2 amd64 DHCP client for automatically obtaining an IP address
ii network-manager 0.9.10.0-7 amd64 network management framework (daemon and userspace tools)
----------------------------------------------------------------------------
First test (dhclient routers option)
----------------------------------------------------------------------------
# ip route
default via 192.168.132.1 dev wlan0 proto static metric 1024
192.168.132.0/24 dev wlan0 proto kernel scope link src 192.168.132.127
# /opt/vpnclient/vpnclient start
The SoftEther VPN Client service has been started.
# ifconfig vpn_vpn
vpn_vpn Link encap:Ethernet HWaddr 00:00:00:00:00:01
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
# /opt/vpnclient/vpncmd localhost /CLIENT
vpncmd command - SoftEther VPN Command Line Management Utility
SoftEther VPN Command Line Management Utility (vpncmd command)
Version 4.20 Build 9608 (English)
Compiled 2016/04/17 21:59:35 by yagi at pc30
Copyright (c) SoftEther VPN Project. All Rights Reserved.
Connected to VPN Client "localhost".
VPN Client>accountlist
AccountList command - Get List of VPN Connection Settings
Item |Value
----------------------------+------------------------------------------------
VPN Connection Setting Name |MyTestVPN
Status |Offline
VPN Server Hostname |my.vpn.server.hu:443 (Direct TCP/IP Connection)
Virtual Hub |TestHUB
Virtual Network Adapter Name|vpn
The command completed successfully.
VPN Client>accountconnect MyTestVPN
AccountConnect command - Start Connection to VPN Server using VPN Connection Setting
The command completed successfully.
VPN Client>accountlist
AccountList command - Get List of VPN Connection Settings
Item |Value
----------------------------+------------------------------------------------
VPN Connection Setting Name |MyTestVPN
Status |Connected
VPN Server Hostname |my.vpn.server.hu:443 (Direct TCP/IP Connection)
Virtual Hub |TestHUB
Virtual Network Adapter Name|vpn
The command completed successfully.
VPN Client>quit
# cat /root/dhclient.conf
option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;
send host-name = gethostname();
request subnet-mask, broadcast-address,
domain-name, domain-name-servers, domain-search,
interface-mtu, rfc3442-classless-static-routes,
routers;
# ip route
default via 192.168.132.1 dev wlan0 proto static metric 1024
192.168.132.0/24 dev wlan0 proto kernel scope link src 192.168.132.127
# dhclient -4 -d -v -cf /root/dhclient.conf -pf /var/run/dhclient-vpn_vpn.pid vpn_vpn
Internet Systems Consortium DHCP Client 4.3.1
Copyright 2004-2014 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Listening on LPF/vpn_vpn/00:00:00:00:00:01
Sending on LPF/vpn_vpn/00:00:00:00:00:01
Sending on Socket/fallback
DHCPDISCOVER on vpn_vpn to 255.255.255.255 port 67 interval 7
DHCPREQUEST on vpn_vpn to 255.255.255.255 port 67
DHCPOFFER from 192.168.1.242
DHCPACK from 192.168.1.242
bound to 192.168.1.3 -- renewal in 10576 seconds.
# ip route
default via 192.168.1.254 dev vpn_vpn
default via 192.168.132.1 dev wlan0 proto static metric 1024
192.168.1.0/24 dev vpn_vpn proto kernel scope link src 192.168.1.3
192.168.132.0/24 dev wlan0 proto kernel scope link src 192.168.132.127
# ping 192.168.1.2
PING 192.168.1.2 (192.168.1.2) 56(84) bytes of data.
From 192.168.1.3 icmp_seq=1 Destination Host Unreachable
From 192.168.1.3 icmp_seq=2 Destination Host Unreachable
From 192.168.1.3 icmp_seq=3 Destination Host Unreachable
^C
--- 192.168.1.2 ping statistics ---
4 packets transmitted, 0 received, +3 errors, 100% packet loss, time 3014ms
----------------------------------------------------------------------------
----------------------------------------------------------------------------
Second test (dhclient no routers option)
----------------------------------------------------------------------------
# ip route
default via 192.168.132.1 dev wlan0 proto static metric 1024
192.168.132.0/24 dev wlan0 proto kernel scope link src 192.168.132.127
# /opt/vpnclient/vpnclient start
The SoftEther VPN Client service has been started.
# ifconfig vpn_vpn
vpn_vpn Link encap:Ethernet HWaddr 00:00:00:00:00:01
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
# /opt/vpnclient/vpncmd localhost /CLIENT
vpncmd command - SoftEther VPN Command Line Management Utility
SoftEther VPN Command Line Management Utility (vpncmd command)
Version 4.20 Build 9608 (English)
Compiled 2016/04/17 21:59:35 by yagi at pc30
Copyright (c) SoftEther VPN Project. All Rights Reserved.
Connected to VPN Client "localhost".
VPN Client>accountlist
AccountList command - Get List of VPN Connection Settings
Item |Value
----------------------------+------------------------------------------------
VPN Connection Setting Name |MyTestVPN
Status |Offline
VPN Server Hostname |my.vpn.server.hu:443 (Direct TCP/IP Connection)
Virtual Hub |TestHUB
Virtual Network Adapter Name|vpn
The command completed successfully.
VPN Client>accountconnect MyTestVPN
AccountConnect command - Start Connection to VPN Server using VPN Connection Setting
The command completed successfully.
VPN Client>accountlist
AccountList command - Get List of VPN Connection Settings
Item |Value
----------------------------+------------------------------------------------
VPN Connection Setting Name |MyTestVPN
Status |Connected
VPN Server Hostname |my.vpn.server.hu:443 (Direct TCP/IP Connection)
Virtual Hub |TestHUB
Virtual Network Adapter Name|vpn
The command completed successfully.
VPN Client>quit
# cat /root/dhclient-no-routers.conf
option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;
send host-name = gethostname();
request subnet-mask, broadcast-address,
domain-name, domain-name-servers, domain-search,
interface-mtu, rfc3442-classless-static-routes;
# ip route
default via 192.168.132.1 dev wlan0 proto static metric 1024
192.168.132.0/24 dev wlan0 proto kernel scope link src 192.168.132.127
# dhclient -4 -d -v -cf /root/dhclient-no-routers.conf -pf /var/run/dhclient-vpn_vpn.pid vpn_vpn
Internet Systems Consortium DHCP Client 4.3.1
Copyright 2004-2014 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Listening on LPF/vpn_vpn/00:00:00:00:00:01
Sending on LPF/vpn_vpn/00:00:00:00:00:01
Sending on Socket/fallback
DHCPREQUEST on vpn_vpn to 255.255.255.255 port 67
DHCPACK from 192.168.1.242
bound to 192.168.1.3 -- renewal in 10659 seconds.
# ip route
default via 192.168.132.1 dev wlan0 proto static metric 1024
192.168.1.0/24 dev vpn_vpn proto kernel scope link src 192.168.1.3
192.168.132.0/24 dev wlan0 proto kernel scope link src 192.168.132.127
# ping 192.168.1.2 -c 3
PING 192.168.1.2 (192.168.1.2) 56(84) bytes of data.
64 bytes from 192.168.1.2: icmp_seq=1 ttl=64 time=288 ms
64 bytes from 192.168.1.2: icmp_seq=2 ttl=64 time=55.3 ms
64 bytes from 192.168.1.2: icmp_seq=3 ttl=64 time=169 ms
--- 192.168.1.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 55.329/170.905/288.316/95.125 ms
----------------------------------------------------------------------------
----------------------------------------------------------------------------
The difference between the two tests
----------------------------------------------------------------------------
First test route (after dhclient start)
default via 192.168.1.254 dev vpn_vpn (this line is difference the two test result)
default via 192.168.132.1 dev wlan0 proto static metric 1024
192.168.1.0/24 dev vpn_vpn proto kernel scope link src 192.168.1.3
192.168.132.0/24 dev wlan0 proto kernel scope link src 192.168.132.127
Second test route (after dhclient start, no routers option)
default via 192.168.132.1 dev wlan0 proto static metric 1024
192.168.1.0/24 dev vpn_vpn proto kernel scope link src 192.168.1.3
192.168.132.0/24 dev wlan0 proto kernel scope link src 192.168.132.127
----------------------------------------------------------------------------
The aim would be to go to the client's overall network traffic through the VPN.
In this case the second test is not satisfied. However, in the first test does
not work in the communication to the VPN.
--
Sincerely
Zsiga
Sorry, for my poor English.
The aim would be to go to the client's overall network traffic through the VPN.
Windows client it works, so I think that the my vpn server configuration is OK.
My system is up-to-date Debian Jessie x64, Softether VPN Client (and Server)
version 4.20, Build 9608, rtm (2016. 04. 17.).
My laptop wireless interface is configured in the network-manager program. I
rebooted my laptop between two test.
# dpkg -l isc-dhcp-client network-manager | sed 1,6d
ii isc-dhcp-client 4.3.1-6+deb8u2 amd64 DHCP client for automatically obtaining an IP address
ii network-manager 0.9.10.0-7 amd64 network management framework (daemon and userspace tools)
----------------------------------------------------------------------------
First test (dhclient routers option)
----------------------------------------------------------------------------
# ip route
default via 192.168.132.1 dev wlan0 proto static metric 1024
192.168.132.0/24 dev wlan0 proto kernel scope link src 192.168.132.127
# /opt/vpnclient/vpnclient start
The SoftEther VPN Client service has been started.
# ifconfig vpn_vpn
vpn_vpn Link encap:Ethernet HWaddr 00:00:00:00:00:01
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
# /opt/vpnclient/vpncmd localhost /CLIENT
vpncmd command - SoftEther VPN Command Line Management Utility
SoftEther VPN Command Line Management Utility (vpncmd command)
Version 4.20 Build 9608 (English)
Compiled 2016/04/17 21:59:35 by yagi at pc30
Copyright (c) SoftEther VPN Project. All Rights Reserved.
Connected to VPN Client "localhost".
VPN Client>accountlist
AccountList command - Get List of VPN Connection Settings
Item |Value
----------------------------+------------------------------------------------
VPN Connection Setting Name |MyTestVPN
Status |Offline
VPN Server Hostname |my.vpn.server.hu:443 (Direct TCP/IP Connection)
Virtual Hub |TestHUB
Virtual Network Adapter Name|vpn
The command completed successfully.
VPN Client>accountconnect MyTestVPN
AccountConnect command - Start Connection to VPN Server using VPN Connection Setting
The command completed successfully.
VPN Client>accountlist
AccountList command - Get List of VPN Connection Settings
Item |Value
----------------------------+------------------------------------------------
VPN Connection Setting Name |MyTestVPN
Status |Connected
VPN Server Hostname |my.vpn.server.hu:443 (Direct TCP/IP Connection)
Virtual Hub |TestHUB
Virtual Network Adapter Name|vpn
The command completed successfully.
VPN Client>quit
# cat /root/dhclient.conf
option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;
send host-name = gethostname();
request subnet-mask, broadcast-address,
domain-name, domain-name-servers, domain-search,
interface-mtu, rfc3442-classless-static-routes,
routers;
# ip route
default via 192.168.132.1 dev wlan0 proto static metric 1024
192.168.132.0/24 dev wlan0 proto kernel scope link src 192.168.132.127
# dhclient -4 -d -v -cf /root/dhclient.conf -pf /var/run/dhclient-vpn_vpn.pid vpn_vpn
Internet Systems Consortium DHCP Client 4.3.1
Copyright 2004-2014 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Listening on LPF/vpn_vpn/00:00:00:00:00:01
Sending on LPF/vpn_vpn/00:00:00:00:00:01
Sending on Socket/fallback
DHCPDISCOVER on vpn_vpn to 255.255.255.255 port 67 interval 7
DHCPREQUEST on vpn_vpn to 255.255.255.255 port 67
DHCPOFFER from 192.168.1.242
DHCPACK from 192.168.1.242
bound to 192.168.1.3 -- renewal in 10576 seconds.
# ip route
default via 192.168.1.254 dev vpn_vpn
default via 192.168.132.1 dev wlan0 proto static metric 1024
192.168.1.0/24 dev vpn_vpn proto kernel scope link src 192.168.1.3
192.168.132.0/24 dev wlan0 proto kernel scope link src 192.168.132.127
# ping 192.168.1.2
PING 192.168.1.2 (192.168.1.2) 56(84) bytes of data.
From 192.168.1.3 icmp_seq=1 Destination Host Unreachable
From 192.168.1.3 icmp_seq=2 Destination Host Unreachable
From 192.168.1.3 icmp_seq=3 Destination Host Unreachable
^C
--- 192.168.1.2 ping statistics ---
4 packets transmitted, 0 received, +3 errors, 100% packet loss, time 3014ms
----------------------------------------------------------------------------
----------------------------------------------------------------------------
Second test (dhclient no routers option)
----------------------------------------------------------------------------
# ip route
default via 192.168.132.1 dev wlan0 proto static metric 1024
192.168.132.0/24 dev wlan0 proto kernel scope link src 192.168.132.127
# /opt/vpnclient/vpnclient start
The SoftEther VPN Client service has been started.
# ifconfig vpn_vpn
vpn_vpn Link encap:Ethernet HWaddr 00:00:00:00:00:01
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
# /opt/vpnclient/vpncmd localhost /CLIENT
vpncmd command - SoftEther VPN Command Line Management Utility
SoftEther VPN Command Line Management Utility (vpncmd command)
Version 4.20 Build 9608 (English)
Compiled 2016/04/17 21:59:35 by yagi at pc30
Copyright (c) SoftEther VPN Project. All Rights Reserved.
Connected to VPN Client "localhost".
VPN Client>accountlist
AccountList command - Get List of VPN Connection Settings
Item |Value
----------------------------+------------------------------------------------
VPN Connection Setting Name |MyTestVPN
Status |Offline
VPN Server Hostname |my.vpn.server.hu:443 (Direct TCP/IP Connection)
Virtual Hub |TestHUB
Virtual Network Adapter Name|vpn
The command completed successfully.
VPN Client>accountconnect MyTestVPN
AccountConnect command - Start Connection to VPN Server using VPN Connection Setting
The command completed successfully.
VPN Client>accountlist
AccountList command - Get List of VPN Connection Settings
Item |Value
----------------------------+------------------------------------------------
VPN Connection Setting Name |MyTestVPN
Status |Connected
VPN Server Hostname |my.vpn.server.hu:443 (Direct TCP/IP Connection)
Virtual Hub |TestHUB
Virtual Network Adapter Name|vpn
The command completed successfully.
VPN Client>quit
# cat /root/dhclient-no-routers.conf
option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;
send host-name = gethostname();
request subnet-mask, broadcast-address,
domain-name, domain-name-servers, domain-search,
interface-mtu, rfc3442-classless-static-routes;
# ip route
default via 192.168.132.1 dev wlan0 proto static metric 1024
192.168.132.0/24 dev wlan0 proto kernel scope link src 192.168.132.127
# dhclient -4 -d -v -cf /root/dhclient-no-routers.conf -pf /var/run/dhclient-vpn_vpn.pid vpn_vpn
Internet Systems Consortium DHCP Client 4.3.1
Copyright 2004-2014 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Listening on LPF/vpn_vpn/00:00:00:00:00:01
Sending on LPF/vpn_vpn/00:00:00:00:00:01
Sending on Socket/fallback
DHCPREQUEST on vpn_vpn to 255.255.255.255 port 67
DHCPACK from 192.168.1.242
bound to 192.168.1.3 -- renewal in 10659 seconds.
# ip route
default via 192.168.132.1 dev wlan0 proto static metric 1024
192.168.1.0/24 dev vpn_vpn proto kernel scope link src 192.168.1.3
192.168.132.0/24 dev wlan0 proto kernel scope link src 192.168.132.127
# ping 192.168.1.2 -c 3
PING 192.168.1.2 (192.168.1.2) 56(84) bytes of data.
64 bytes from 192.168.1.2: icmp_seq=1 ttl=64 time=288 ms
64 bytes from 192.168.1.2: icmp_seq=2 ttl=64 time=55.3 ms
64 bytes from 192.168.1.2: icmp_seq=3 ttl=64 time=169 ms
--- 192.168.1.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 55.329/170.905/288.316/95.125 ms
----------------------------------------------------------------------------
----------------------------------------------------------------------------
The difference between the two tests
----------------------------------------------------------------------------
First test route (after dhclient start)
default via 192.168.1.254 dev vpn_vpn (this line is difference the two test result)
default via 192.168.132.1 dev wlan0 proto static metric 1024
192.168.1.0/24 dev vpn_vpn proto kernel scope link src 192.168.1.3
192.168.132.0/24 dev wlan0 proto kernel scope link src 192.168.132.127
Second test route (after dhclient start, no routers option)
default via 192.168.132.1 dev wlan0 proto static metric 1024
192.168.1.0/24 dev vpn_vpn proto kernel scope link src 192.168.1.3
192.168.132.0/24 dev wlan0 proto kernel scope link src 192.168.132.127
----------------------------------------------------------------------------
The aim would be to go to the client's overall network traffic through the VPN.
In this case the second test is not satisfied. However, in the first test does
not work in the communication to the VPN.
--
Sincerely
Zsiga