search

ruyrybeyro / chrootvpn

Checkpoint R80+ VPN client chroot wrapper
Apache License 2.0
135 stars 21 forks source link

Cannot route the traffic through the vpn. #13

Closed sabeelwani closed 1 year ago

sabeelwani commented 1 year ago

Firstly, I would like to thank you for your work with this script. I am using Ubuntu 22.04.1 and I successfully managed to connect to the university checkpoint VPN but all my traffic does not route through the VPN. I tried to route the traffic through the IP route command but after that, everything stops working.

This is the IP route table after connecting: 

default via 192.168.31.1 dev wlp2s0 proto dhcp metric 600 
147.232.1.1 dev tunsnx src 147.232.165.234 
147.232.1.2/31 dev tunsnx src 147.232.165.234 
147.232.1.4/30 dev tunsnx src 147.232.165.234 
147.232.1.8/29 dev tunsnx src 147.232.165.234 
147.232.1.16/28 dev tunsnx src 147.232.165.234 
147.232.1.32/27 dev tunsnx src 147.232.165.234 
147.232.1.64/26 dev tunsnx src 147.232.165.234 
147.232.1.128/25 dev tunsnx src 147.232.165.234 
147.232.2.0/23 dev tunsnx src 147.232.165.234 
147.232.4.0/22 dev tunsnx src 147.232.165.234 
147.232.8.0/22 dev tunsnx src 147.232.165.234 
147.232.12.0/23 dev tunsnx src 147.232.165.234 
147.232.14.0/25 dev tunsnx src 147.232.165.234 
147.232.14.128/28 dev tunsnx src 147.232.165.234 
147.232.14.144/31 dev tunsnx src 147.232.165.234 
147.232.14.147 dev tunsnx src 147.232.165.234 
147.232.14.148/30 dev tunsnx src 147.232.165.234 
147.232.14.152/29 dev tunsnx src 147.232.165.234 
147.232.14.160/27 dev tunsnx src 147.232.165.234 
147.232.14.192/26 dev tunsnx src 147.232.165.234 
147.232.15.0/24 dev tunsnx src 147.232.165.234 
147.232.16.0/20 dev tunsnx src 147.232.165.234 
147.232.32.0/20 dev tunsnx src 147.232.165.234 
147.232.48.0/23 dev tunsnx src 147.232.165.234 
147.232.50.0/25 dev tunsnx src 147.232.165.234 
147.232.50.128/26 dev tunsnx src 147.232.165.234 
147.232.50.192/27 dev tunsnx src 147.232.165.234 
147.232.50.224/28 dev tunsnx src 147.232.165.234 
147.232.50.240/29 dev tunsnx src 147.232.165.234 
147.232.50.248/30 dev tunsnx src 147.232.165.234 
147.232.50.252/31 dev tunsnx src 147.232.165.234 
147.232.50.254 dev tunsnx src 147.232.165.234 
147.232.51.1 dev tunsnx src 147.232.165.234 
147.232.51.2/31 dev tunsnx src 147.232.165.234 
147.232.51.4/30 dev tunsnx src 147.232.165.234 
147.232.51.8/29 dev tunsnx src 147.232.165.234 
147.232.51.16/28 dev tunsnx src 147.232.165.234 
147.232.51.32/27 dev tunsnx src 147.232.165.234 
147.232.51.64/26 dev tunsnx src 147.232.165.234 
147.232.51.128/25 dev tunsnx src 147.232.165.234 
147.232.52.0/22 dev tunsnx src 147.232.165.234 
147.232.56.0/21 dev tunsnx src 147.232.165.234 
147.232.64.0/19 dev tunsnx src 147.232.165.234 
147.232.96.0/22 dev tunsnx src 147.232.165.234 
147.232.100.0/25 dev tunsnx src 147.232.165.234 
147.232.100.128/26 dev tunsnx src 147.232.165.234 
147.232.100.192/27 dev tunsnx src 147.232.165.234 
147.232.100.224/28 dev tunsnx src 147.232.165.234 
147.232.100.240/29 dev tunsnx src 147.232.165.234 
147.232.100.248/30 dev tunsnx src 147.232.165.234 
147.232.100.252/31 dev tunsnx src 147.232.165.234 
147.232.100.254 dev tunsnx src 147.232.165.234 
147.232.101.1 dev tunsnx src 147.232.165.234 
147.232.101.2/31 dev tunsnx src 147.232.165.234 
147.232.101.4/30 dev tunsnx src 147.232.165.234 
147.232.101.8/29 dev tunsnx src 147.232.165.234 
147.232.101.16/28 dev tunsnx src 147.232.165.234 
147.232.101.32/27 dev tunsnx src 147.232.165.234 
147.232.101.64/26 dev tunsnx src 147.232.165.234 
147.232.101.128/25 dev tunsnx src 147.232.165.234 
147.232.102.0/23 dev tunsnx src 147.232.165.234 
147.232.104.0/21 dev tunsnx src 147.232.165.234 
147.232.112.0/20 dev tunsnx src 147.232.165.234 
147.232.128.0/20 dev tunsnx src 147.232.165.234 
147.232.144.0/22 dev tunsnx src 147.232.165.234 
147.232.148.0/23 dev tunsnx src 147.232.165.234 
147.232.150.0/31 dev tunsnx src 147.232.165.234 
147.232.151.1 dev tunsnx src 147.232.165.234 
147.232.151.2/31 dev tunsnx src 147.232.165.234 
147.232.151.4/30 dev tunsnx src 147.232.165.234 
147.232.151.8/29 dev tunsnx src 147.232.165.234 
147.232.151.16/28 dev tunsnx src 147.232.165.234 
147.232.151.32/27 dev tunsnx src 147.232.165.234 
147.232.151.64/26 dev tunsnx src 147.232.165.234 
147.232.151.128/25 dev tunsnx src 147.232.165.234 
147.232.152.0/21 dev tunsnx src 147.232.165.234 
147.232.160.0/19 dev tunsnx src 147.232.165.234 
147.232.165.233 dev tunsnx proto kernel scope link src 147.232.165.234 
147.232.192.0/21 dev tunsnx src 147.232.165.234 
147.232.200.0/25 dev tunsnx src 147.232.165.234 
147.232.200.128/26 dev tunsnx src 147.232.165.234 
147.232.200.192/27 dev tunsnx src 147.232.165.234 
147.232.200.224/28 dev tunsnx src 147.232.165.234 
147.232.200.240/29 dev tunsnx src 147.232.165.234 
147.232.200.248/30 dev tunsnx src 147.232.165.234 
147.232.200.252/31 dev tunsnx src 147.232.165.234 
147.232.200.254 dev tunsnx src 147.232.165.234 
147.232.201.1 dev tunsnx src 147.232.165.234 
147.232.201.2/31 dev tunsnx src 147.232.165.234 
147.232.201.4/30 dev tunsnx src 147.232.165.234 
147.232.201.8/29 dev tunsnx src 147.232.165.234 
147.232.201.16/28 dev tunsnx src 147.232.165.234 
147.232.201.32/27 dev tunsnx src 147.232.165.234 
147.232.201.64/26 dev tunsnx src 147.232.165.234 
147.232.201.128/25 dev tunsnx src 147.232.165.234 
147.232.202.0/23 dev tunsnx src 147.232.165.234 
147.232.204.0/22 dev tunsnx src 147.232.165.234 
147.232.208.0/20 dev tunsnx src 147.232.165.234 
147.232.224.0/20 dev tunsnx src 147.232.165.234 
147.232.240.0/21 dev tunsnx src 147.232.165.234 
147.232.248.0/22 dev tunsnx src 147.232.165.234 
147.232.252.0/23 dev tunsnx src 147.232.165.234 
147.232.254.0/24 dev tunsnx src 147.232.165.234 
147.232.255.0/25 dev tunsnx src 147.232.165.234 
147.232.255.128/26 dev tunsnx src 147.232.165.234 
147.232.255.192/27 dev tunsnx src 147.232.165.234 
147.232.255.224/28 dev tunsnx src 147.232.165.234 
147.232.255.240/29 dev tunsnx src 147.232.165.234 
147.232.255.248/30 dev tunsnx src 147.232.165.234 
147.232.255.252/31 dev tunsnx src 147.232.165.234 
147.232.255.254 dev tunsnx src 147.232.165.234 
169.254.0.0/16 dev wlp2s0 scope link metric 1000 
192.168.31.0/24 dev wlp2s0 proto kernel scope link src 192.168.31.92 metric 600

The vpn works fine when i connect using windows or android clients.

ruyrybeyro commented 1 year ago

Hi, it is not very clear what you meant as "but all my traffic does not route through the VPN" and "I tried to route the traffic through the IP route".

On first glance, the script seems to be working as intended and is well tested in Ubuntu 22.04 and variants.

Routing/DNS issues can be complex, and involve proxies too. Would you be able to detail better what is happening, and what is expected? (No name resolution happening? no external/Internet sites opening, routing table supplied and changes?...)

sabeelwani commented 1 year ago

The issue I had was, when I connect to the VPN and I add the VPN interface as the default route using IP route command, the internet stops working. I figured out that it was a problem with incorrect routes. These are the commands for correct routes: sudo ip route add 147.232.0.0/16 via 192.168.31.1 dev wlp2s0 sudo ip route del default sudo ip route add 0.0.0.0/0 dev snxtun

sabeelwani commented 1 year ago

Thank You 👍🏻 .

ruyrybeyro commented 1 year ago

That usually is made by design for security reasons, it is the difference between a full tunnel VPN (no Internet access) versus a split tunnel VPN.

Please see the "Split tunneling" topic at the project/README page, it might be of help.

Regards