esatravi
commented
1 month ago Just an additional comment. It's unlikely that I'm the only one experiencing an issue with the proxyVM / network manager VPN script / DNS propagation when connecting proxyVM to other appVM. If this issue is the consequence of changes in the latest fedora-40 template then I qubes-os has already got at least a workaround. Otherwise most of qubes-os users who relay on network manager / proxyVM's for VPNs are impacted. Please share this information or the permanent solution if available.
How to file a helpful issue
Qubes OS release
4.2.3 (R4.2)
Brief summary
fedora-40 based proxyVM, with an openvpn VPN script configured and enabled in Network-Manager, does not propagate internet/network connectivity to inheriting appVM qubes.
The problem does not exist when using fedora-39 template as a base for proxyVM (VPN), I suspect fedora-40 must have introduced changes impacting proxyVM network connectivity.
With Fedora-39 template approaching end-of-life I don't have a practical solution to overcome this important limitation.
Steps to reproduce
I have a fedora-40 based proxyVM, with an openvpn VPN script configured and enabled, in Network-Manager. When I test internet access directly in that proxyVM it's working fine (e.g. DNS resolution, access to sites, etc)
I then created an appVM (or started disposableVM) and used that previously created proxyVM as a net qube. In such setup I can't access internet then, it seems as the DNS settings are not passed over to from the proxyVM to appVM qube.
Important: The problem does not exist when using fedora-39 template (or previous version) used as a base for proxyVM (VPN). I suspect there must have been a change in Network-Manager in the new version.
Expected behavior
Internet connectivity/access is inherited by the appVM from proxyVM (with a VPN script enabled in Network Manager)
Actual behavior
Internet connectivity/access is not inherited by the appVM from proxyVM (with a VPN script enabled in Network Manager). It seems AppVM has problems resolving addresses.