3

Trying to use freshly installed Windows Subsytem for Linux (Ubuntu 18.04) to connect to a server at work. I am using the Cisco Anyconnect VPN to connect to my companies network, this is fine as I can ping my server from the windows command prompt.

ipconfig shows the following: Windows IP Configuration

Ethernet adapter Ethernet 2:

   Connection-specific DNS Suffix  . : company.com
   Link-local IPv6 Address . . . . . : xx11::11xx:xx1x:xx11:1x1x%11
   Link-local IPv6 Address . . . . . : yy22::y2yy:2y22:2y22:2y22%22
   IPv4 Address. . . . . . . . . . . : 192.168.11.111   
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : ::

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : zz33::z33z:z333:3z3z:333z%3
   IPv4 Address. . . . . . . . . . . : 192.168.2.222
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.3.3

In the Ubuntu 18.04 shell, the default /etc/resolv.conf contains the following:

# This file was automatically generated by WSL. To stop automatic generation of this file, remove this line
nameserver 192.168.3.3
nameserver 192.168.44.44
nameserver 192.168.55.55
search company.com

Pinging my work server results in:

employee@home:~$ ping work@company.com
ping: work@company.com: Name or service not known

Following some forum questions about a similar problem, I edited my /etc/resolve.conf file to only include my work VPN's ip address that I could see in the output from ipconfig listed above. My /etc/resolve.conf now looks like:

nameserver 192.168.11.111
search company.com

Pinging my work server now results in:

employee@home:~$ ping work@company.com
ping: work@company.com: Temporary failure in name resolution

Different error now, but still no dice. Also tried pinging google.com and that host name could not be resolved either (before and after the resolve.conf changes.

I also tried using the following in my /etc/resolve.conf to no avail:

nameserver 192.168.11.111
search company.com
nameserver 192.168.3.3
nameserver 192.168.44.44
nameserver 192.168.55.55

ping: work@company.com: Name of service not known.

And I also used an @company.com-less hostname, again to no avail.

Any thoughts? All the posts I have read show that my first step works, and I have not seen the "Temporary failure in name resolution" error in any of them as well.

Update: Here are screenshots of the Anyconnect VPN info.

enter image description here enter image description here enter image description here

Thanks!

jasper
  • 81
  • 7
  • Is your Windows VPN PPTP VPN? That will cut off external internet. – John Jan 20 '20 at 22:56
  • @John could you clarify what "Is your windows VPN PPTP VPN?" means? Thanks – jasper Jan 20 '20 at 23:35
  • What VPN are you using? Windows native VPN is PPTP and PPTP cuts off Internet while tunnel is in use. A number of other client apps are IPsec clients and allow split tunneling. – John Jan 20 '20 at 23:45
  • @John I am using Cisco AnyConnect 4.7.02036, is uses DTLSv1.0 Transport Protocol, not sure if that is the same sort of thing or not. – jasper Jan 20 '20 at 23:51
  • You need to use the AnyConnect documentation to see what kind of tunneling you are using. – John Jan 20 '20 at 23:52
  • You can also ask your company what kind of VPN server they are using – John Jan 21 '20 at 00:06
  • @John from what I understand Cisco Anyconnect uses SSL tunneling. I added screenshots of the VPN info, can you tell from that? – jasper Jan 21 '20 at 00:10
  • You need to ask your company. SSL to a Fortigate box does not cut off host internet. I assume your Windows machine has no internet while this tunnel is connected – John Jan 21 '20 at 00:12
  • @John My windows machine has internet and can communicate with the server at the office through the VPN. My issue is that my Windows Subsytem for Linux instance has no internet with the VPN running under Windows. – jasper Jan 21 '20 at 00:15
  • Your screenshot says "management interface disconnected - tunnel active" – John Jan 21 '20 at 00:16
  • This appeared to be the most relevant post. In this post your issue was a known issue: https://community.kaspersky.com/kaspersky-internet-security-13/https-doesn-t-work-in-the-wsl-win10-442 . For with it is worth, I use VMware Workstation host my Ubuntu machine - no issues. You might try VMware or Hyper-V instead of WSL – John Jan 21 '20 at 00:19
  • 1
    @jasper Have you found a solution for this yet? – Sterex Jan 09 '21 at 19:11
  • got the similar issue with any connect VPN, maybe this helps: https://superuser.com/a/1666368/1469294 – Kraego Jul 29 '21 at 12:38

0 Answers0