I'm currently playing with setting up an OpenVPN Access Server in AWS. For the most part I've got everything working, except when I try to add the VPN connection to Ubuntu using the networks GUI.
This is my route -n output when I'm not connected to the VPN,

    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref Use Iface
    0.0.0.0         192.168.0.1     0.0.0.0         UG    0      0   0   wlan0
    192.168.0.0     0.0.0.0         255.255.255.0   U     9      0   0   wlan0

The VPN is configured to not route internet traffic. So when I connect via the command line using sudo openvpn client.ovpn everything works as expected and my route -n looks like the following,

    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref Use Iface
    0.0.0.0         192.168.0.1     0.0.0.0         UG    0      0   0   wlan0
    54.173.232.46   192.168.0.1     255.255.255.255 UGH   0      0   0   wlan0
    172.16.0.0      172.16.224.129  255.255.254.0   UG    101    0   0   tun0
    172.16.224.0    172.16.224.129  255.255.255.0   UG    101    0   0   tun0
    172.16.224.128  0.0.0.0         255.255.255.128 U     0      0   0   tun0
    192.168.0.0     0.0.0.0         255.255.255.0   U     9      0   0   wlan0

Take note of the default route 0.0.0.0 hitting my router 192.168.0.1. If I try and hit Google, all works as expected.
I don't want to have to connect to the VPN via command line every time so I installed network-manager-openvpn-gnome and imported the client.ovpn when creating the VPN.
Now when I connect via the network dropdown in the tool bar, the VPN connects fine, but I can't access Google or any other website. I can access servers in my AWS VPC, but that's it.
Interestingly my route -n now looks like the following,

    Destination     Gateway         Genmask         Flags Metric Ref Use Iface
    0.0.0.0         172.16.224.129  0.0.0.0         UG    0      0   0   tun0
    54.173.232.46   192.168.0.1     255.255.255.255 UGH   0      0   0   wlan0
    172.16.0.0      172.16.224.129  255.255.254.0   UG    101    0   0   tun0
    172.16.224.0    172.16.224.129  255.255.255.0   UG    101    0   0   tun0
    172.16.224.128  0.0.0.0         255.255.255.128 U     0      0   0   tun0
    192.168.0.0     0.0.0.0         255.255.255.0   U     9      0   0   wlan0

Note the default route is no longer pointing at my router.
Unless I'm being blind I can't find an option in the networks GUI where I can fix this.
Any ideas?
Thanks
Turns out I was being blind.
Edit the VPN connection -> IPv4 Settings -> Click "Routes", and finally check "Use this connection only for resources on its network".
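
The effect of that checkbox can be checked against the routing tables quoted in the question. The following is an added example, not part of the original posts: it parses route -n output and resolves destinations by longest-prefix match, showing which interface each kind of traffic leaves through. The function names and the test address 203.0.113.10 are assumptions chosen for illustration.

```python
import ipaddress

# Rows copied from the route -n tables in the question; all names here are illustrative.
HEADER = "Destination Gateway Genmask Flags Metric Ref Use Iface\n"
COMMON = """\
54.173.232.46 192.168.0.1 255.255.255.255 UGH 0 0 0 wlan0
172.16.0.0 172.16.224.129 255.255.254.0 UG 101 0 0 tun0
172.16.224.0 172.16.224.129 255.255.255.0 UG 101 0 0 tun0
172.16.224.128 0.0.0.0 255.255.255.128 U 0 0 0 tun0
192.168.0.0 0.0.0.0 255.255.255.0 U 9 0 0 wlan0
"""
# Default route after `sudo openvpn client.ovpn` vs. after the NetworkManager import.
CLI_TABLE = HEADER + "0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 wlan0\n" + COMMON
GUI_TABLE = HEADER + "0.0.0.0 172.16.224.129 0.0.0.0 UG 0 0 0 tun0\n" + COMMON


def parse_routes(text):
    """Parse `route -n` output into (network, gateway, metric, iface) tuples."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8 or f[0] == "Destination":
            continue  # skip the title line, the column header and blank lines
        net = ipaddress.ip_network(f"{f[0]}/{f[2]}", strict=False)
        routes.append((net, f[1], int(f[4]), f[7]))
    return routes


def lookup(routes, dest):
    """Pick the route for dest: longest prefix first, then lowest metric."""
    addr = ipaddress.ip_address(dest)
    matches = [r for r in routes if addr in r[0]]
    if not matches:
        return None
    _, gw, _, iface = max(matches, key=lambda r: (r[0].prefixlen, -r[2]))
    return iface, gw


def is_split_tunnel(routes, tun_prefix="tun"):
    """True when no default route (0.0.0.0/0) leaves via a tunnel interface."""
    return all(not r[3].startswith(tun_prefix) for r in routes if r[0].prefixlen == 0)


if __name__ == "__main__":
    for name, table in (("openvpn CLI", CLI_TABLE), ("NetworkManager import", GUI_TABLE)):
        routes = parse_routes(table)
        print(name, "| split tunnel:", is_split_tunnel(routes),
              "| 203.0.113.10 leaves via", lookup(routes, "203.0.113.10"))
```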
The accepted answer did not work for me on Fedora 31 and NetworkManager. I was able to resolve by modifying /etc/NetworkManager/system-connections/vpn_name
Then restart NetworkManager with