Mate 18.04 cisco vpnc VPN DNS problem

Support & Help Requests
#1

Hello

Can someone help me?

When i want to use a vpn connection to my office i get a dns ip address automatically but resolving don`t work.

biver@EliteBook:~$ ping google.hr

^C
biver@EliteBook:~$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=48 time=27.6 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=48 time=27.5 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=48 time=27.5 ms
^C
--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 27.545/27.585/27.613/0.029 ms
biver@EliteBook:~$

Global
DNS Servers: 10.1.19.11
10.1.19.12
10.1.19.13
85.114.32.7
8.8.8.8
DNS Domain: ot.hr
DNSSEC NTA: 10.in-addr.arpa
16.172.in-addr.arpa
168.192.in-addr.arpa
17.172.in-addr.arpa
18.172.in-addr.arpa
19.172.in-addr.arpa
20.172.in-addr.arpa
21.172.in-addr.arpa
22.172.in-addr.arpa
23.172.in-addr.arpa
24.172.in-addr.arpa
25.172.in-addr.arpa
26.172.in-addr.arpa
27.172.in-addr.arpa
28.172.in-addr.arpa
29.172.in-addr.arpa
30.172.in-addr.arpa
31.172.in-addr.arpa
corp
d.f.ip6.arpa
home
internal
intranet
lan
local
private
test

Link 6 (tun0)
Current Scopes: none
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no

Link 3 (wlo1)
Current Scopes: none
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no

Link 2 (enp0s25)
Current Scopes: none
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no

Screenshot%20at%202019-07-24%2009-03-55
Screenshot at 2019-07-24 09-03-55.png600×585 42.6 KB

#2

Screenshot%20at%202019-07-24%2009-03-22
Screenshot at 2019-07-24 09-03-22.png600×581 33.7 KB

#3

Hi,
When VPN connection comes into action initial address and DNS settings are substituted by new ones which belong to virtual private network a system is connected to.
Ergo, the first question is whether VPN DNS server allows resolution of Internet addresses like google. By the way, the most probable answer is 'no'...

#4

Hello

Yes everything is allowed ( i work as network admin) .. work fine when i use same .pcf file on network manager in shrew soft and similar..
It has works fine on fedora...

DNS service wont to rewrite itself when it connected by new interface (tun0 form vpn? )
can ping ip address when i was connected to vpn but i cannot resolve anything..

I have read on forums on DNS problem in 18.04 with open vpn and use dnsmasq to resolve a problem ... in my case i use a cisco vpnc , thru network manager, no example for that.. :confused:

#5

You can verify how dns server works (with and without vpn in effect) using nslookup like that:

# start command
nslookup
# see what is default dns server
> server
Default server: 8.8.8.8
Address: 8.8.8.8#53
Default server: 8.8.4.4
Address: 8.8.4.4#53
# verify dns resolution with default server
> google.com
Server:		8.8.8.8
Address:	8.8.8.8#53

Non-authoritative answer:
Name:	google.com
Address: 216.58.215.78
Name:	google.com
Address: 2a00:1450:401b:806::200e
# change dns server to an alternative
> server 8.8.4.4
Default server: 8.8.4.4
Address: 8.8.4.4#53
# verify alternative dns server resolution
> google.com
Server:		8.8.4.4
Address:	8.8.4.4#53

Non-authoritative answer:
Name:	google.com
Address: 216.58.209.14
Name:	google.com
Address: 2a00:1450:401b:806::200e
>
#6

By the way, I always switch dnsmasq off in ubuntu. And they say, that switching off dnsmasq may have (unreported) effect on vpn connections. Never had a problem with that myself, though.

#7

Hello

Im setup a connection thru VPN from command line.. vpnc (cisco vpn) must run as sudo, then DNS resolving works fine.. i guess that network manager gui does not apply all privileges in settings as must.

Thx
Best regards

#8

Try other VPN services, free ones as well. Here are also a couple of good examples of VPN services by Reddit: Free VPN and Reddit