2

I started getting some issue on my Ubuntu 18.04 a few days ago even though I didn't change any networking settings.

The problem is when I connect to my work VPN (OpenVPN) I can't resolve any DNS names on that VPN network if I select "Use this connection only for resources on this network". If I disable that option then I can resolve DNS inside the network, but naturally can't connect to anything outside.

Here's the output of systemd-resolve --status if I DISABLE "Use this connection only for resources on this network" and connect to the VPN:

Link 10 (tun0)
      Current Scopes: DNS
       LLMNR setting: yes
MulticastDNS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
         DNS Servers: 10.xxx.xx.xx
          DNS Domain: ~.

So it actually shows the DNS server. But once I switch "Use this connection only for resources on this network" back ON:

Link 11 (tun1)
      Current Scopes: none
       LLMNR setting: yes
MulticastDNS setting: no
      DNSSEC setting: no
    DNSSEC supported: no

Link 10 (tun0)
      Current Scopes: none
       LLMNR setting: yes
MulticastDNS setting: no
      DNSSEC setting: no
    DNSSEC supported: no

I have tried solutions in this question Ubuntu 18.04 no DNS resolution when connected to openvpn but nothing seemed to work.

I've also tried using unbound package and that didn't help either.

Found also this Suddenly not able to access resources on VPN network in Ubuntu 18.04? so I'm obviously not alone in this, but it doesn't have any solutions.

A bit lost what else to do, don't want to reinstall the whole system because of this.

SergioLeone
  • 243

4 Answers4

2

I may have solved it with this command: 

nmcli c modify <vpn-settings-name> ipv4.dns-search '<domain>'

The <vpn-settings-name> should be the same as in your NetworkManager settings.

For now seems to be doing the trick, I haven't modified anything post boot apart from issuing the command above, and now systemd-resolve --status shows the correct DNS for the VPN network.

Wanted to post a solution in case any one else struggles with the same issue.

SergioLeone
  • 243
1

I found the following.

When ticking the "Use this connection only for resources on this network" I had no DNS as per the question.

If it was unticked, I had a duplicate default route, which once deleted, everything including DNS would work.

Comparing the output of systemd-resolve --status of these two scenarios I found the following:

When DNS worked but the options created the duplicate route, it would show this:

      DNS Domain: ~.
                  corporate-network.local

When DNS didn't work, it would show this:

      DNS Domain: corporate-network.local

The solution, therefore, is to tick the "Use this connection only for resources on this network" box and to enter ~. as an additional DNS domain.

Now the connection works directly from the network manager without having to delete the spurious default gateway and all the internal DNS resolves.

bcmcfc
  • 848
0

Try reimporting your original .ovpn file if you haven't already. I experienced a similar issue where my VPN's DNS server would not show in systemd-resolve --status, but once I reimported my .ovpn file in Network Manager, the problem was resolved.

leonexis
  • 351
0

Entering nmcli c modify "Put your VPN Name Here" ipv4.dns-search ~. in the command line, and restarting the VPN connection worked for me.

Omid Khalili
  • 162