*** This bug is a duplicate of bug 1688018 ***
https://bugs.launchpad.net/bugs/1688018
This is the *nastiest* bug I've ever encountered in the wild on my own
in Linux (that has no good solution after this long). Package
1.2.2-0ubuntu0.16.04.4 has disappeared from the mirrors for Xenial (not
that anyone should expect a normal user to go through the deep dive that
is this subject, once one realizes what is happening). The cipher in use
by AWS for Client VPN isn't available in OpenSSL within Trusty Tahr, so
running an old Ubuntu distro is also not a viable solution for me. This
is about as serious of a bug as I could think of, and we're almost two
years in without it being addressed. Hate to be tin-foil-hatty, but this
seems like the kind of thing that gets put into software as a result of
government-agency interests. How many people around the world expecting
their VPN to protect them while viewing content from outside of their
nation state are DNS-leaking all over the place to their local ISP? How
many companies are leaking private zone DNS names (which often reflect
what's running on the target boxes, and would then include information
that could be used as part of an attack vector) to their ISP? I
understand how open source works, but most people (including me) don't
have the ability to work effectively on this nuanced bug. What's the
plan? Sorry to sound disgruntled, but I spent about a week on this
(coming to terms with understanding the issue, and then trying a number
of workarounds). Initially I accused our CTO of running a broken VPN
server (heh), because I could simply not believe that things didn't
"just work" in Linux for this extremely common use case. So we don't
support pushing "dhcp-option" for DNS in Linux. This works in Mac and in
Windows. We need a working/easy way to update our DNS addresses upon
connecting to/disconnected from a VPN that users can trust. This bug is
so obscene, bwahah, I felt like Linus Torvalds dealing with Nvidia...
:-P
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1671606
Title:
DNS server from vpn connection is not being used after network-manager
upgrade to 1.2.6-0ubuntu0.16.04.1
Status in network-manager package in Ubuntu:
Confirmed
Status in resolvconf package in Ubuntu:
Invalid
Bug description:
I use my company's cisco vpn via network-manager in Ubuntu 16.04.2
LTS. After recent upgrade of network-manager:amd64 from version
1.2.2-0ubuntu0.16.04.4 to version 1.2.6-0ubuntu0.16.04.1 DNS
resolution of VPN's server hostnames does not work. Roll back to
version 1.2.2-0ubuntu0.16.04.4 solves the problem.
Steps for reproducing:
1. upgrade network-manager:amd64 from version 1.2.2-0ubuntu0.16.04.4 to
version 1.2.6-0ubuntu0.16.04.1
2. connect to VPN via network-manager applet
3. nslookop servername.internal --> ** server can't find servername.internal:
NXDOMAIN
4. disconnect from VPN via network-manager applet
5. roll back network-manager via command: sudo apt-get install
network-manager=1.2.2-0ubuntu0.16.04.4
6. restart network-manager via sudo service network-manager restart
7. connect to VPN via network-manager applet
8. nslookop servername.internal --> the server is resolved correctly
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: network-manager 1.2.6-0ubuntu0.16.04.1
ProcVersionSignature: Ubuntu 4.4.0-66.87-generic 4.4.44
Uname: Linux 4.4.0-66-generic x86_64
ApportVersion: 2.20.1-0ubuntu2.5
Architecture: amd64
CurrentDesktop: Unity
Date: Thu Mar 9 19:49:55 2017
InstallationDate: Installed on 2015-10-05 (520 days ago)
InstallationMedia: Ubuntu 15.04 "Vivid Vervet" - Release amd64 (20150422)
NetworkManager.state:
[main]
NetworkingEnabled=true
WirelessEnabled=true
WWANEnabled=true
WimaxEnabled=true
SourcePackage: network-manager
UpgradeStatus: No upgrade log present (probably fresh install)
nmcli-nm:
RUNNING VERSION STATE STARTUP CONNECTIVITY NETWORKING WIFI-HW
WIFI WWAN-HW WWAN
running 1.2.6 connected started full enabled enabled
enabled enabled enabled
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1671606/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
