ネットワーク管理者にopenvpnパスがありません。

ネットワーク管理者にopenvpnパスがありません。

Network Managerを使用してVPNを設定しようとしています。私の設定でopenvpnを手動で実行すると正常に動作します(sudo openvpn --config MyVPN.ovpn)。その後、Route()を印刷すると、次のようにsudo route -nなります。

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.254   0.0.0.0         UG    600    0        0 wlp3s0
10.c.d.0        172.a.b.1       255.255.255.0   UG    0      0        0 tun0
10.e.f.0        172.a.b.1       255.255.255.0   UG    0      0        0 tun0
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 wlp3s0
172.a.b.0       0.0.0.0         255.255.255.0   U     0      0        0 tun0
192.168.1.0     0.0.0.0         255.255.255.0   U     600    0        0 wlp3s0

ネットワーク管理者(openvpnプラグインを含む)を使用するとき10.ゲートウェイパスがありません。

ipv4と6を確認しましたUse this connection only for resources on its network(すべてのトラフィックがそのVPNを通過したくありません)。

ネットワーク管理者によるルーティングが欠落しているのはなぜですか?

私はLinux Mint 18.2、ネットワーク管理者1.2.6-0ubuntu0.16.04.1、openvpn 2.3.10-1ubuntu2.1を使用しています。

tail -f /var/log/syslogNMを使用すると、これが起こります。

Sep  6 12:32:05 MyMint NetworkManager[867]: <info>  [1504693925.1089] audit: op="connection-activate" uuid="d4e40650-bc76-4139-a92f-ab51276287e2" name="MyVPN" pid=15515 uid=1000 result="success"
Sep  6 12:32:05 MyMint NetworkManager[867]: <info>  [1504693925.1171] vpn-connection[0x1ba5460,d4e40650-bc76-4139-a92f-ab51276287e2,"MyVPN",0]: Started the VPN service, PID 31326
Sep  6 12:32:05 MyMint NetworkManager[867]: <info>  [1504693925.1314] vpn-connection[0x1ba5460,d4e40650-bc76-4139-a92f-ab51276287e2,"MyVPN",0]: Saw the service appear; activating connection
Sep  6 12:32:12 MyMint NetworkManager[867]: <info>  [1504693932.3783] keyfile: update /etc/NetworkManager/system-connections/MyVPN (d4e40650-bc76-4139-a92f-ab51276287e2,"MyVPN")
Sep  6 12:32:12 MyMint NetworkManager[867]: nm-openvpn-Message: openvpn[31341] started
Sep  6 12:32:12 MyMint NetworkManager[867]: <info>  [1504693932.3865] vpn-connection[0x1ba5460,d4e40650-bc76-4139-a92f-ab51276287e2,"MyVPN",0]: VPN plugin: state changed: starting (3)
Sep  6 12:32:12 MyMint NetworkManager[867]: <info>  [1504693932.3866] vpn-connection[0x1ba5460,d4e40650-bc76-4139-a92f-ab51276287e2,"MyVPN",0]: VPN connection: (ConnectInteractive) reply received
Sep  6 12:32:12 MyMint nm-openvpn[31341]: OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017
Sep  6 12:32:12 MyMint nm-openvpn[31341]: library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08
Sep  6 12:32:12 MyMint nm-openvpn[31341]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Sep  6 12:32:12 MyMint nm-openvpn[31341]: WARNING: file '/home/laurian/MyVPN/MyVPN.key' is group or others accessible
Sep  6 12:32:12 MyMint nm-openvpn[31341]: NOTE: chroot will be delayed because of --client, --pull, or --up-delay
Sep  6 12:32:12 MyMint nm-openvpn[31341]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Sep  6 12:32:12 MyMint nm-openvpn[31341]: UDPv4 link local: [undef]
Sep  6 12:32:12 MyMint nm-openvpn[31341]: UDPv4 link remote: [AF_INET]170.75.241.82:1194
Sep  6 12:32:14 MyMint nm-openvpn[31341]: [MyVPN] Peer Connection Initiated with [AF_INET]170.75.241.82:1194
Sep  6 12:32:16 MyMint nm-openvpn[31341]: TUN/TAP device tun0 opened
Sep  6 12:32:16 MyMint nm-openvpn[31341]: /usr/lib/NetworkManager/nm-openvpn-service-openvpn-helper --bus-name org.freedesktop.NetworkManager.openvpn.Connection_8 --tun -- tun0 1500 1558 172.a.b.4 255.255.255.0 init
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.7477] manager: (tun0): new Tun device (/org/freedesktop/NetworkManager/Devices/8)
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.7562] devices added (path: /sys/devices/virtual/net/tun0, iface: tun0)
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.7562] device added (path: /sys/devices/virtual/net/tun0, iface: tun0): no ifupdown configuration found.
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.7796] vpn-connection[0x1ba5460,d4e40650-bc76-4139-a92f-ab51276287e2,"MyVPN",0]: VPN connection: (IP Config Get) reply received.
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.7852] vpn-connection[0x1ba5460,d4e40650-bc76-4139-a92f-ab51276287e2,"MyVPN",9:(tun0)]: VPN connection: (IP4 Config Get) reply received
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.7861] vpn-connection[0x1ba5460,d4e40650-bc76-4139-a92f-ab51276287e2,"MyVPN",9:(tun0)]: Data: VPN Gateway: 170.x.y.z
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.7862] vpn-connection[0x1ba5460,d4e40650-bc76-4139-a92f-ab51276287e2,"MyVPN",9:(tun0)]: Data: Tunnel Device: "tun0"
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.7862] vpn-connection[0x1ba5460,d4e40650-bc76-4139-a92f-ab51276287e2,"MyVPN",9:(tun0)]: Data: IPv4 configuration:
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.7862] vpn-connection[0x1ba5460,d4e40650-bc76-4139-a92f-ab51276287e2,"MyVPN",9:(tun0)]: Data:   Internal Gateway: 172.a.b.1
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.7862] vpn-connection[0x1ba5460,d4e40650-bc76-4139-a92f-ab51276287e2,"MyVPN",9:(tun0)]: Data:   Internal Address: 172.a.b.4
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.7862] vpn-connection[0x1ba5460,d4e40650-bc76-4139-a92f-ab51276287e2,"MyVPN",9:(tun0)]: Data:   Internal Prefix: 24
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.7862] vpn-connection[0x1ba5460,d4e40650-bc76-4139-a92f-ab51276287e2,"MyVPN",9:(tun0)]: Data:   Internal Point-to-Point Address: 172.a.b.4
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.7862] vpn-connection[0x1ba5460,d4e40650-bc76-4139-a92f-ab51276287e2,"MyVPN",9:(tun0)]: Data:   Maximum Segment Size (MSS): 0
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.7863] vpn-connection[0x1ba5460,d4e40650-bc76-4139-a92f-ab51276287e2,"MyVPN",9:(tun0)]: Data:   Static Route: 10.c.d.0/24   Next Hop: 172.a.b.1
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.7863] vpn-connection[0x1ba5460,d4e40650-bc76-4139-a92f-ab51276287e2,"MyVPN",9:(tun0)]: Data:   Static Route: 10.e.f.0/24   Next Hop: 172.a.b.1
Sep  6 12:32:16 MyMint nm-openvpn[31341]: chroot to '/var/lib/openvpn/chroot' and cd to '/' succeeded
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.7863] vpn-connection[0x1ba5460,d4e40650-bc76-4139-a92f-ab51276287e2,"MyVPN",9:(tun0)]: Data:   Forbid Default Route: yes
Sep  6 12:32:16 MyMint nm-openvpn[31341]: GID set to nm-openvpn
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.7863] vpn-connection[0x1ba5460,d4e40650-bc76-4139-a92f-ab51276287e2,"MyVPN",9:(tun0)]: Data:   DNS Domain: '(none)'
Sep  6 12:32:16 MyMint nm-openvpn[31341]: UID set to nm-openvpn
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.7863] vpn-connection[0x1ba5460,d4e40650-bc76-4139-a92f-ab51276287e2,"MyVPN",9:(tun0)]: Data: No IPv6 configuration
Sep  6 12:32:16 MyMint nm-openvpn[31341]: Initialization Sequence Completed
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.7864] vpn-connection[0x1ba5460,d4e40650-bc76-4139-a92f-ab51276287e2,"MyVPN",9:(tun0)]: VPN plugin: state changed: started (4)
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.7890] vpn-connection[0x1ba5460,d4e40650-bc76-4139-a92f-ab51276287e2,"MyVPN",9:(tun0)]: VPN connection: (IP Config Get) complete
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.7893] device (tun0): state change: unmanaged -> unavailable (reason 'connection-assumed') [10 20 41]
Sep  6 12:32:16 MyMint dbus[823]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service'
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.8035] keyfile: add connection in-memory (6cc36f83-a713-494f-a153-8c0ef8482c23,"tun0")
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.8041] device (tun0): state change: unavailable -> disconnected (reason 'connection-assumed') [20 30 41]
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.8061] device (tun0): Activation: starting connection 'tun0' (6cc36f83-a713-494f-a153-8c0ef8482c23)
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.8070] device (tun0): state change: disconnected -> prepare (reason 'none') [30 40 0]
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.8075] device (tun0): state change: prepare -> config (reason 'none') [40 50 0]
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.8078] device (tun0): state change: config -> ip-config (reason 'none') [50 70 0]
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.8081] device (tun0): state change: ip-config -> ip-check (reason 'none') [70 80 0]
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.8088] device (tun0): state change: ip-check -> secondaries (reason 'none') [80 90 0]
Sep  6 12:32:16 MyMint systemd[1]: Starting Network Manager Script Dispatcher Service...
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.8132] device (tun0): state change: secondaries -> activated (reason 'none') [90 100 0]
Sep  6 12:32:16 MyMint NetworkManager[867]: <info>  [1504693936.8238] device (tun0): Activation: successful, device activated.
Sep  6 12:32:16 MyMint dbus[823]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Sep  6 12:32:16 MyMint systemd[1]: Started Network Manager Script Dispatcher Service.
Sep  6 12:32:16 MyMint nm-dispatcher: req:1 'vpn-up' [tun0]: new request (1 scripts)
Sep  6 12:32:16 MyMint nm-dispatcher: req:1 'vpn-up' [tun0]: start running ordered scripts...
Sep  6 12:32:16 MyMint nm-dispatcher: req:2 'up' [tun0]: new request (1 scripts)
Sep  6 12:32:16 MyMint nm-dispatcher: req:2 'up' [tun0]: start running ordered scripts...
Sep  6 12:32:16 MyMint ntpdate[31411]: the NTP socket is in use, exiting
Sep  6 12:32:17 MyMint ntpdate[31471]: the NTP socket is in use, exiting
Sep  6 12:32:17 MyMint ntpdate[31530]: the NTP socket is in use, exiting
Sep  6 12:32:18 MyMint ntpd[1364]: Listen normally on 28 tun0 172.a.b.4:123
Sep  6 12:32:18 MyMint ntpd[1364]: Listen normally on 29 tun0 [fe80::a1e0:e276:5803:2ce5%9]:123
Sep  6 12:32:18 MyMint ntpd[1364]: new interface(s) found: waking up resolver

答え1

これはNetworkManagerの長いバグです。それ数年前にUbuntuに報告されました、そしてアップストリームレポートしかし、これまでの上流プロジェクトのどれもこれを実行していません。

この問題は、私が直面していたので、内部に/etc/NetworkManager/dispatcher.d/01vpnbypass.shパス自体を追加して削除するスケジューラスクリプトを書くことで解決しました。これは迷惑な解決策ですが、うまくいきます。

#!/bin/bash

# These networks will bypass the VPN
v4subnets="5.42.160.0/19 24.105.0.0/18 37.244.0.0/18 59.153.40.0/22 103.4.114.0/23 103.198.32.0/23 137.221.64.0/18 158.115.192.0/19 185.60.112.0/22 198.74.32.0/21 198.74.40.0/23 202.9.66.0/23"
v6subnets="2a04:e800::/29 2401:ef00::/32 2620:10b:9000::/44"

IF=$1
STATUS=$2

v4gateway=$(ip r s default | grep -v $IF | awk '{print $3}')
v4device=$(ip r s default | grep -v $IF | awk '{print $5}')
v6gateway=$(ip -6 r s default | grep -v $IF | awk '{print $3}')
v6device=$(ip -6 r s default | grep -v $IF | awk '{print $5}')

if [ "$IF" == "tun0" ]
then
        case "$2" in
                vpn-up)
                        for v4subnet in $v4subnets; do
                                ip r add $v4subnet via $v4gateway dev $v4device
                        done
                        for v6subnet in $v6subnets; do
                                ip -6 r add $v6subnet via $v6gateway dev $v4device
                        done
                        ;;
                vpn-down)
                        for v4subnet in $v4subnets; do
                                ip r del $v4subnet via $v4gateway dev $v4device
                        done
                        for v6subnet in $v6subnets; do
                                ip -6 r del $v6subnet via $v6gateway dev $v4device
                        done
                        ;;
                *)
                        ;;
        esac
fi

関連情報