You might want to use the PPA created by David Woodhouse which has modern OpenConnect v8.10 packaged for Ubuntu 16.04 and 18.04: https://launchpad.net/~dwmw2/+archive/ubuntu/openconnect
Dan On Sat, Nov 14, 2020 at 12:45 PM Daniel Lenski <dlen...@gmail.com> wrote: > > > After trying your proposed solution, it > > didn't work but after a bit of googling I realized that I was running > > openconnect in the background and was using wrong signal to disconnect > > it. kill command, by default, sends TERM signal to the process and, > > according to openconnect manual, SIGTERM makes openconnect exit > > immediately without logging off or running vpnc-script. > > This is because you are using a (very!) old version of OpenConnect. > > OpenConnect v8.0 and newer make SIGTERM do the same thing as SIGINT. > https://gitlab.com/openconnect/openconnect/-/merge_requests/15 > > On Sat, Nov 14, 2020 at 12:18 PM Jędrek Domański <jedrek.doman...@gmail.com> > wrote: >> >> Thank you for your response. After trying your proposed solution, it >> didn't work but after a bit of googling I realized that I was running >> openconnect in the background and was using wrong signal to disconnect >> it. kill command, by default, sends TERM signal to the process and, >> according to openconnect manual, SIGTERM makes openconnect exit >> immediately without logging off or running vpnc-script. So, here we >> go, I was using the wrong signal to disconnect openconnect, that's why >> it wasn't restoring my routes and dns. What I needed was to use >> -SIGINT signal in kill command: >> >> sudo kill -SIGINT `cat /var/run/openconnect.pid` >> NOT >> sudo kill `cat /var/run/openconnect.pid` >> >> Thank you, >> Jędrzej >> >> pt., 13 lis 2020 o 19:09 Daniel Lenski <dlen...@gmail.com> napisał(a): >> > >> > On Fri, Nov 13, 2020 at 2:41 AM Jędrek Domański >> > <jedrek.doman...@gmail.com> wrote: >> > > >> > > Hello, >> > > I am using OpenConnect on Ubuntu 16.04 to connect to my client's IT >> > > infrustructure and am having problems after disconnecting VPN. Prior >> > > connecting to VPN my /etc/resolv.conf looks like this: >> > > >> > > nameserver 127.0.1.1 >> > > search home >> > > >> > > After connecting to VPN my /etc/resolv.conf gets changed and I get >> > > nameserver and search from my client's server configuration, which is >> > > fine, however after disconnecting VPN my /etc/resolv.conf stays the >> > > same and my internet connection speed is dramatically degraded and it >> > > takes almost 10 seconds for every page to load. I have checked my >> > > network configuration and have confirmed with my ISP provider that the >> > > correct DNS servers are provided for me and that the issue comes from >> > > openconnect not reverting the changed configuration file >> > > /etc/resolv.conf. The nameserver I am left off with is the Google DNS >> > > 8.8.8.8 which I get from my client's server, because they might be >> > > using it inside of their infrastructure for some reason. I've tried it >> > > on my Mac and after disconnecting VPN /etc/resolv.conf is reverted to >> > > what it was prior establishing the connection. This should also happen >> > > on Linux but it does not. Why does this not happen and how do I fix >> > > this? >> > >> > Technically, this is not because of OpenConnect itself, but because of >> > the vpnc-script >> > (https://gitlab.com/openconnect/vpnc-scripts/blob/master/vpnc-script) >> > which OpenConnect calls for all routing and DNS setup. >> > >> > Assuming you're using the version of the vpnc-script that's actually >> > distributed with Ubuntu 16.04, it's *ancient* >> > (https://packages.ubuntu.com/xenial/vpnc-scripts). >> > >> > We've made a ton of modifications and improvements to DNS handling >> > since then (approximate diff: >> > https://gitlab.com/openconnect/vpnc-scripts/-/compare/a64e23b1b6602095f73c4ff7fdb34cccf7149fd5...master#47d6c67f7e3c5408337ca1a557416fa846c6efc4). >> > >> > Most likely your Mac has a much more modern version of the vpnc-script. >> > >> > First thing you try is using a modern version of the vpnc-script and >> > see if that fixes the situation. If that doesn't work, add --script >> > "sh -x /path/to/the/vpnc-script" to your OpenConnect command-line; >> > this will give a trace of all the commands run by the vpnc-script, and >> > aid greatly in debugging. >> > >> > Dan _______________________________________________ openconnect-devel mailing list openconnect-devel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/openconnect-devel
