Hi All,
Calling it quits after beating my head against the wall trying to get split tunneling working correctly on Ubuntu 18.04.1 LTS following the guides for OpenVPN split tunneling and Transmission split tunneling on the this site for Ubuntu 16.04.
What I can confirm is that the way Networking is handled in 18.04 has changed a bit. Instead of using resolv.conf, 18.04 uses systemd-resolv.
So I believe the script calls to /etc/openvpn/update-resolve-conf are in part where the issues lie.
18.04 no longer uses /etc/network/interfaces file but instead a config file found under /etc/netplan which of course has a completely different syntax.
I don't know if I'm way off my rocker here, but these little changes seems to break quite a few things. For example you cannot enable vino screen sharing for VNC in the system settings when using a static ip configuration and netplan because the system "sees" all the networks as unmanaged. I figured out a fix for this basically symlinking /usr/share/applications/vino-server.desktop to /etc/xdg/autostart to manually force enable Vino on startup for all users.... but I digress. .....
There is a package in the Ubuntu repository that is supposed to help openvpn dns mapping based on the git repository found here (I believe).
What I can confirm is that following the existing guide for 16.04, openvpn (tun0) connects on startup as expected and gets a valid ip address.
I can use ping -I tun0 to various places and get responses for via IP and DNS name.
The ping times I get going through tun0 interface are slower than going through my default network interface (which would indicate to me that it is using a different DNS server, but maybe not?) - I'm not sure how to test that.
I can also confirm that when I use curl for vpn user it times out and will not resolve using the command from the guide :
I get the following result after a few minutes of waiting:
curl: (7) Failed to connect to ipinfo.io port 80: Connection timed out
However, when I use the command: sudo curl ipinfo.io --interface tun0
I get the following result:
dadmin@ubuntu:~$ sudo curl ipinfo.io --interface tun0
"ip": "173.239.219.17",
"hostname": "ip-17-219-239-173.east.us.northamericancoax.com",
"city": "Lansing",
"region": "Michigan",
"country": "US",
"loc": "42.7325,-84.5555",
"phone": "517",
"org": "AS20473 Choopa, LLC"
so that seems to be working
Also, any torrent I try to paste into the transmission web interface doesn't resolve or connect either.
I have the transmission watch-dir enabled, and when I put a torrent file in there, it appears in the transmission web gui - but it does not start downloading.
So it would seem that tun0 is not actually working correctly- but in some way it is.
When I run ip a in terminal. I have an ip address for tun0 as well as my default nic.
I can use ping -I tun0 and get responses from anywhere I try.
My regular connection works fine, can browse websites, can ssh etc....
Sorry if this is all over the road, I categorize myself as "knows enough to be dangerous"
Not really sure what to check next, and am hoping that you guys are planning on updating your guide! Thanks a lot!
Calling it quits after beating my head against the wall trying to get split tunneling working correctly on Ubuntu 18.04.1 LTS following the guides for OpenVPN split tunneling and Transmission split tunneling on the this site for Ubuntu 16.04.
What I can confirm is that the way Networking is handled in 18.04 has changed a bit. Instead of using resolv.conf, 18.04 uses systemd-resolv.
So I believe the script calls to /etc/openvpn/update-resolve-conf are in part where the issues lie.
18.04 no longer uses /etc/network/interfaces file but instead a config file found under /etc/netplan which of course has a completely different syntax.
I don't know if I'm way off my rocker here, but these little changes seems to break quite a few things. For example you cannot enable vino screen sharing for VNC in the system settings when using a static ip configuration and netplan because the system "sees" all the networks as unmanaged. I figured out a fix for this basically symlinking /usr/share/applications/vino-server.desktop to /etc/xdg/autostart to manually force enable Vino on startup for all users.... but I digress. .....
There is a package in the Ubuntu repository that is supposed to help openvpn dns mapping based on the git repository found here (I believe).
What I can confirm is that following the existing guide for 16.04, openvpn (tun0) connects on startup as expected and gets a valid ip address.
I can use ping -I tun0 to various places and get responses for via IP and DNS name.
The ping times I get going through tun0 interface are slower than going through my default network interface (which would indicate to me that it is using a different DNS server, but maybe not?) - I'm not sure how to test that.
I can also confirm that when I use curl for vpn user it times out and will not resolve using the command from the guide :
Code:
sudo -u vpn -i -- curl ipinfo.io
I get the following result after a few minutes of waiting:
curl: (7) Failed to connect to ipinfo.io port 80: Connection timed out
However, when I use the command: sudo curl ipinfo.io --interface tun0
I get the following result:
dadmin@ubuntu:~$ sudo curl ipinfo.io --interface tun0
"ip": "173.239.219.17",
"hostname": "ip-17-219-239-173.east.us.northamericancoax.com",
"city": "Lansing",
"region": "Michigan",
"country": "US",
"loc": "42.7325,-84.5555",
"phone": "517",
"org": "AS20473 Choopa, LLC"
so that seems to be working
Also, any torrent I try to paste into the transmission web interface doesn't resolve or connect either.
I have the transmission watch-dir enabled, and when I put a torrent file in there, it appears in the transmission web gui - but it does not start downloading.
So it would seem that tun0 is not actually working correctly- but in some way it is.
When I run ip a in terminal. I have an ip address for tun0 as well as my default nic.
I can use ping -I tun0 and get responses from anywhere I try.
My regular connection works fine, can browse websites, can ssh etc....
Sorry if this is all over the road, I categorize myself as "knows enough to be dangerous"
Not really sure what to check next, and am hoping that you guys are planning on updating your guide! Thanks a lot!