Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Linux: Routing traffic through GlobalProtect

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Linux: Routing traffic through GlobalProtect

L1 Bithead

I am probably overlooking something basic here, so maybe this has a simple solution. I am trying to use GlobalProtect to access resources, I confirm that I am authenticated, and connected to the gateway. But It doesn't seem to be routing any traffic through the VPN. 

 

Kubuntu 20.04

GlobalProtect 5.2.5-46

 

Any ideas?

1 accepted solution

Accepted Solutions

L1 Bithead

So I finally solved this issue. Checking resolvconf and I saw this warning

 

sudo resolvconf -u
/etc/resolvconf/update.d/libc: Warning: /etc/resolv.conf is not a symbolic link to /run/resolvconf/resolv.conf

  moved /etc/resolv.conf to a backup location, and symlinked to the file at /run/resolvconf/resolv.conf, and I was able to access domains through the VPN.

 

$ sudo mv /etc/resolv.conf  /etc/resolv.conf-bak
$ ln -s /run/resolvconf/resolv.conf /etc/resolv.conf

 

And it is my own fault that this happened. I had started with a standard Ubuntu installation, and at some point, I changed to Kubuntu, which I just installed over the existing system. 

View solution in original post

4 REPLIES 4

L1 Bithead

I'm also seeing a lot of weird issues with the software. I know I'm supposed to report bugs to a TAC, but I'm not the actual subscriber, just an end user, so I don' know how I'm supposed to inform you of bugs. 

 

* The Linux app for me appears to add a new entry the task bar every time I reboot, which doesn't seem sustainable... I already have 3 icons showing.

* Also, I have the dark mode preference enabled on my system. The GUI app seems to only take this into account for text color, not background colors, so it is very difficult to view the text in the interface, because it's light gray text on white. 

Cyber Elite
Cyber Elite

On MacOS (very much like Linux) I use the command "netstat -r | grep tun" to see the routes to utun1 (on my laptop).  That lets me know that the OS has installed the routes.  If not, check the GP gateway configuration.

 

The process is probably very similar in Linux, although the tunnel interface may be different.

Help the community: Like helpful comments and mark solutions.

L1 Bithead

The LIVE community email notification is telling my that my own response was accepted as a solution. This is not the case, I'm still troubleshooting the issue, but I do have some good leads. I came across this bug report on Network Manager-openconnect on the Gnome project https://gitlab.gnome.org/GNOME/NetworkManager-openconnect/-/issues/33. Which cross links to this resolved issue https://gitlab.gnome.org/GNOME/NetworkManager-openconnect/-/merge_requests/12 .

I'm going to try updating Network Manager first (it's not a regular package that updates with the rest of my system software). Then try some of the manual options described in the issue.

L1 Bithead

So I finally solved this issue. Checking resolvconf and I saw this warning

 

sudo resolvconf -u
/etc/resolvconf/update.d/libc: Warning: /etc/resolv.conf is not a symbolic link to /run/resolvconf/resolv.conf

  moved /etc/resolv.conf to a backup location, and symlinked to the file at /run/resolvconf/resolv.conf, and I was able to access domains through the VPN.

 

$ sudo mv /etc/resolv.conf  /etc/resolv.conf-bak
$ ln -s /run/resolvconf/resolv.conf /etc/resolv.conf

 

And it is my own fault that this happened. I had started with a standard Ubuntu installation, and at some point, I changed to Kubuntu, which I just installed over the existing system. 

  • 1 accepted solution
  • 4309 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!