VPNC broken after gutsy upgrade
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
vpnc (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: vpnc
Upgrading from Feisty to Gutsy has broken my Cisco VPN, but I'm not sure how to diagnose it.
Under Feisty, I could use either the command line "sudo vpnc" or use NetworkManager to connect to my company's network, and it worked fine. Apparently there's also an "official" Cisco client, but you need a kernel compiled before the fall of the Berlin Wall to make it work (ie RedHat).
When I say "the VPN worked fine", I mean:
-Requests to the corporate network were routed OK. I could:
VNC to a desktop at work
SMB onto a drive at work etc
-Requests to my local network were unaffected, I could still:
see my router's webface
SMB to my housemate's Windows box
-Requests for internet traffic were unaffected, I could
receive web-pages via my home internet connection
use messenger programs etc
Under Gutsy, the VPN appears to connect fine (it does not disconnect immediately, this is *not* a duplicate of 124238). However, nothing at all is accessible, neither the corporate network, nor the internet.
Without the VPN, NetworkManager (which I'm using for wireless roaming) creates a file that simply says:
search myHomeDomain
nameserver 192.168.2.1 (myHomeRouter)
That works fine, because the default route just goes straight to the router which gets name resolution etc from my ISP.
With the VPN connected however, I get a resolv.conf like this:
search myHomeDomain myCorporateDomain
nameserver corporateDNS1
nameserver corporateDNS2
This is useless, as I no longer can see the internet! So, I manually add "nameserver 192.168.2.1", and that works as a quick fix, but I didn't need to do that under Feisty - regression.
More importantly, the VPN doesn't work - despite the routing table being populated with a load of corporate internal IP addresses, I can't actually see any of them. They don't reply to pings, I can't SMB anything, yet the connection is alive, I see tun0 under ifconfig.
What information do I need to diagnose the problem?
Why did this work before, and not now?
BTW, before you ask,
"Why did he upgrade to an unstable release on a box needed for work?"
Because Evolution in Feisty is fundamentally broken - useless for accessing Exchange server. The latest Evolution is a *little* better (though still essentially useless for doing real work), but is not backported to Feisty. Doing a partial upgrade to Gutsy to get newer Evolution broke everything (Nautilus etc.) so I did a full dist-upgrade. Also it seemed an easier way to move from Beryl to CompizFusion.
Help!!
2007-Aug-19
I have all the current updates to Gusty and I am seeing the same thing.
I have no clue as to what is actually wrong.
There is no option to revert to an old version.
I don't know what these things from the change log really mean.
vpnc (0.4.0-3ubuntu1) gutsy; urgency=low
* Merge from debian unstable, remaining changes: patches/ debian/ patches/ 08_auth_ failed_ return_ code.dpatch optimizations. dpatch, since vpnc is ok with GCC timer_disable. dpatch since it has been included in stolen_ from_head. dpatch
- Auth failed return code
- Change the default for --dpd-idle from 300 to 0 (disables dpd).
- Update maintainer field in debian/control
* Dropped changes:
- Dropped debian/
- Dropped 07_gcc_
- Dropped 09_dpd_
06_
-- Luca Falavigna <email address hidden> Thu, 24 May 2007 10:20:09 +0100
vpnc (0.4.0-3) unstable; urgency=low
* 06_stolen_ from_head. dpatch: sync with SVN revision 174, including fixes dpatch: ifconfig call with full path (closes: 423146)
for DPD (closes: #416180) and also most likely solves the keepalive
problems (closes: #418906, reopen if not)
* 04_debianitis.
-- Eduard Bloch <email address hidden> Wed, 23 May 2007 22:45:46 +0200
vpnc (0.4.0-2ubuntu2) gutsy; urgency=low
* Apply r170 from SVN trunk to help resolve immediate disconnections due to
dead peer detection (dpd). Adds the --dpd-idle command line option which
can be set to 0 to disable dead peer detection.
* Change the default for --dpd-idle from 300 to 0 (disables dpd).
* LP: #93413
-- James Tait <email address hidden> Fri, 11 May 2007 21:34:52 +0100
Wilbur