WSL2 networkingMode=mirrored connection timed out when going over two VPNs

[marbaa]

Windows Version

Microsoft Windows [Version 10.0.22631.4317]

WSL Version

2.3.26.0

Are you using WSL 1 or WSL 2?

• [x] WSL 2
• [ ] WSL 1

Kernel Version

5.15.167.4-1

Distro Version

Debian 11

Other Software

No response

Repro Steps

1. Enable mirrored networking
2. Connect via VPN (Cisco AnyConnect)
3. Connect via second VPN (CheckPoint Securemote) - new routes for target networks are added
4. Make ssh from windows cmd - works
5. Make ssh from any WSL2 distro - connection timed out

We use AnyConnect to connect to company network. To access target servers, we need to further connect to other VPN with Checkpoint. ssh to servers located on first VPN works with mirrored mode from WSL2 distro. ssh to servers located behind second VPN doesn't work from WSL2 distro.

However ssh to servers behind second VPN works from windows cmd.

Routes from Windows are propagated into WSL2 distro, also destination ip is shown in route table through same gateway ip. Doesn't matter in which order I connect to second VPN/wsl --shutdown.

Expected Behavior

Working ssh connection from WSL2 distro with mirrored network.

Actual Behavior

Timed out connection from WSL2 distro with mirrored network.

Diagnostic Logs

No response

[github-actions[bot]]

Logs are required for review from WSL team

If this a feature request, please reply with '/feature'. If this is a question, reply with '/question'. Otherwise please attach logs by following the instructions below, your issue will not be reviewed unless they are added. These logs will help us understand what is going on in your machine.

How to collect WSL logs

Download and execute [collect-wsl-logs.ps1](https://github.com/Microsoft/WSL/blob/master/diagnostics/collect-wsl-logs.ps1) in an **administrative powershell prompt**: ``` Invoke-WebRequest -UseBasicParsing "https://raw.githubusercontent.com/microsoft/WSL/master/diagnostics/collect-wsl-logs.ps1" -OutFile collect-wsl-logs.ps1 Set-ExecutionPolicy Bypass -Scope Process -Force .\collect-wsl-logs.ps1 ``` The script will output the path of the log file once done. If this is a networking issue, please use [collect-networking-logs.ps1](https://github.com/Microsoft/WSL/blob/master/diagnostics/collect-networking-logs.ps1), following the instructions [here](https://github.com/microsoft/WSL/blob/master/CONTRIBUTING.md#collect-wsl-logs-for-networking-issues) Once completed please upload the output files to this Github issue. [Click here for more info on logging](https://github.com/microsoft/WSL/blob/master/CONTRIBUTING.md#8-collect-wsl-logs-recommended-method) If you choose to email these logs instead of attaching to the bug, please send them to wsl-gh-logs@microsoft.com with the number of the github issue in the subject, and in the message a link to your comment in the github issue and reply with '/emailed-logs'.

View similar issues

Please view the issues below to see if they solve your problem, and if the issue describes your problem please consider closing this one and thumbs upping the other issue to help us prioritize it!

Open similar issues:

• openvpn connection stops working after upgraded to 2.0.9 with mirrored networking (#10879), similarity score: 0.80
• Starting VPN failed when WSL with networkingMode=mirrored is running (#10830), similarity score: 0.75

Closed similar issues:

• Unable to access VPN from WSL2 when networking mode set to mirrored (#11072), similarity score: 0.83
• Unable to use VPN routes from within WSL 2 (#7315), similarity score: 0.76
• Internet in WSL2 error when using mirrored network with firewall (#11585), similarity score: 0.75

Note: You can give me feedback by thumbs upping or thumbs downing this comment.