Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dropped protocol specifier '.openfortivpn' from 'ppp0.openfortivpn'. Using 'ppp0' (ifindex=22). #1239

Open
chriscorrales opened this issue Aug 7, 2024 · 2 comments
Open

Dropped protocol specifier '.openfortivpn' from 'ppp0.openfortivpn'. Using 'ppp0' (ifindex=22). #1239

chriscorrales opened this issue Aug 7, 2024 · 2 comments

Comments

@chriscorrales
Copy link

Hello 👋

I'm having trouble connecting to the VPN where I work. Most of my coworkers use openfortivpn with the same version, and can connect normally. I'm also the only one with the latest version of Ubuntu (24.04).
I also added the line:
resolvectl domain ppp0 my.suffix1 my.suffix2
to the /etc/ppp/ip-up file.

I noticed that my terminal has a different output, which is this message:
"Dropped protocol specifier '.openfortivpn' from 'ppp0.openfortivpn'. Using 'ppp0' (ifindex=24)."

I use the following command to connect:

$ sudo openfortivpn <host>:<port> --username=<user>  --trusted-cert=<cert>

Here is the terminal output using -v. I replaced some confidential information with * and for some repeated outputs I put ...

DEBUG:  openfortivpn 1.21.0
DEBUG:  revision unavailable
DEBUG:  Loaded configuration file "/etc/openfortivpn/config".
VPN account password: 
DEBUG:  Configuration host = "*"
DEBUG:  Configuration realm = ""
DEBUG:  Configuration port = "*"
DEBUG:  Configuration username = "*"
DEBUG:  Resolving gateway host ip
DEBUG:  Establishing ssl connection
DEBUG:  SO_KEEPALIVE: OFF
DEBUG:  TCP_KEEPIDLE: 7200
DEBUG:  TCP_KEEPINTVL: 75
DEBUG:  TCP_KEEPCNT: 9
DEBUG:  SO_SNDBUF: 16384
DEBUG:  SO_RCVBUF: 131072
DEBUG:  server_addr: *
DEBUG:  server_port: 10443
DEBUG:  gateway_ip: *
DEBUG:  gateway_port: 10443
DEBUG:  Setting cipher list to: HIGH:!aNULL:!kRSA:!PSK:!SRP:!MD5:!RC4
DEBUG:  Setting minimum protocol version to: 0x303.
DEBUG:  Gateway certificate validation failed.
DEBUG:  Gateway certificate digest found in white list.
INFO:   Connected to gateway.
DEBUG:  Cookie: SVPNCOOKIE=*
INFO:   Authenticated.
DEBUG:  Cookie: SVPNCOOKIE=*
INFO:   Remote gateway has allocated a VPN.
DEBUG:  SO_KEEPALIVE: OFF
DEBUG:  TCP_KEEPIDLE: 7200
DEBUG:  TCP_KEEPINTVL: 75
DEBUG:  TCP_KEEPCNT: 9
DEBUG:  SO_SNDBUF: 16384
DEBUG:  SO_RCVBUF: 131072
DEBUG:  server_addr: *
DEBUG:  server_port: 10443
DEBUG:  gateway_ip: *
DEBUG:  gateway_port: 10443
DEBUG:  Setting cipher list to: HIGH:!aNULL:!kRSA:!PSK:!SRP:!MD5:!RC4
DEBUG:  Setting minimum protocol version to: 0x303.
DEBUG:  Gateway certificate validation failed.
DEBUG:  Gateway certificate digest found in white list.
DEBUG:  Retrieving configuration
DEBUG:  Found dns server * in xml config
DEBUG:  Found dns server * in xml config
DEBUG:  Establishing the tunnel
DEBUG:  ppp_path: /usr/sbin/pppd
DEBUG:  Switch to tunneling mode
DEBUG:  Starting IO through the tunnel
DEBUG:  pppd_read thread
DEBUG:  ssl_read thread
DEBUG:  ssl_write thread
DEBUG:  if_config thread
Using interface ppp0
Connect: ppp0 <--> /dev/pts/1
DEBUG:  pppd_write thread
DEBUG:  pppd ---> gateway (16 bytes)
DEBUG:  gateway ---> pppd (12 bytes)
DEBUG:  gateway ---> pppd (16 bytes)
DEBUG:  pppd ---> gateway (12 bytes)
...
DEBUG:  gateway ---> pppd (12 bytes)
...
INFO:   Got addresses: [*], ns [*, *]
INFO:   Negotiation complete.
DEBUG:  Got Address: *
DEBUG:  if_config: not ready yet...
DEBUG:  gateway ---> pppd (12 bytes)
DEBUG:  pppd ---> gateway (12 bytes)
...
DEBUG:  Got Address: *
DEBUG:  gateway ---> pppd (12 bytes)
DEBUG:  pppd ---> gateway (12 bytes)
DEBUG:  if_config: not ready yet...
DEBUG:  gateway ---> pppd (12 bytes)
DEBUG:  pppd ---> gateway (12 bytes)
...
DEBUG:  Got Address: *
DEBUG:  if_config: not ready yet...
DEBUG:  gateway ---> pppd (12 bytes)
DEBUG:  pppd ---> gateway (12 bytes)
...
DEBUG:  Got Address: *
DEBUG:  if_config: not ready yet...
DEBUG:  gateway ---> pppd (12 bytes)
DEBUG:  pppd ---> gateway (12 bytes)
...
DEBUG:  Got Address: *
DEBUG:  if_config: not ready yet...
DEBUG:  gateway ---> pppd (12 bytes)
DEBUG:  pppd ---> gateway (12 bytes)
...
DEBUG:  Got Address: *
DEBUG:  if_config: not ready yet...
DEBUG:  gateway ---> pppd (12 bytes)
DEBUG:  pppd ---> gateway (12 bytes)
...
INFO:   Negotiation complete.
DEBUG:  pppd ---> gateway (6 bytes)
local  IP address *
remote IP address *
DEBUG:  Got Address: *
DEBUG:  Interface Name: ppp0
DEBUG:  Interface Addr: *
INFO:   Interface ppp0 is UP.
INFO:   Setting new routes...
DEBUG:  ip route show to */* dev !ppp0
DEBUG:  ip route show to */* dev ppp0
DEBUG:  Route not found.
DEBUG:  ip route show to */* dev !ppp0
DEBUG:  Setting route to vpn server...
DEBUG:  ip route show to */* via * dev wlp4s0
DEBUG:  ip route add to */* via * dev wlp4s0
DEBUG:  ip route add to */* dev ppp0
...
INFO:   Adding VPN nameservers...
DEBUG:  Attempting to run /sbin/resolvconf.
DEBUG:  resolvconf_call: /sbin/resolvconf -a "ppp0.openfortivpn"
Dropped protocol specifier '.openfortivpn' from 'ppp0.openfortivpn'. Using 'ppp0' (ifindex=23).
INFO:   Tunnel is up and running.

Does anyone know what can it be?
@chriscorrales
Copy link
Author

UPDATE: I discovered that if I access the services by IP it works normally, but via DNS it doesn't work.

@Mihai-B
Copy link

Mihai-B commented Aug 19, 2024
edited
Loading

I am having the same issue.

Until a permanent fix is found for this, I can bypass this by running these commands after connecting to VPN:

sudo resolvectl dns ppp0 <insert_company_internal_dns_ip>
sudo resolvectl domain ppp0 ~.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Mihai-B @chriscorrales