Install vpnc
Link
https://pkgs.org/download/vpnc
Edit vpnc config file
/etc/vpnc/default.conf
IPSec gateway vpn2.nscc-gz.cn
IPSec ID VPN
IPSec secret gzcszx@123
#IKE Authmode hybrid
Xauth username vpn_username
Xauth password vpn_password
Edit ssh config file
~/.ssh/config
Host th
Hostname 172.16.22.11
IdentityFile your_private_key
User username
Login
$ sudo vpnc
$ ssh th
Disconnect
$ sudo vpnc-disconnect
vpnc traffic routing
Background
I am having an issue when I connect to TH-2 VPN through VPNC.
The problem is that when the VPN is up, all network traffic seems to get routed through the VPN, and I lose most internet connectivity, because the VPN is set up for internal work network access.
Solution
Check normal IP before VPNC starts
$ sudo ifconfig
eno1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
        inet 10.13.35.197 netmask 255.255.0.0 broadcast 10.13.255.255
        inet6 2001:da8:1035:3::6:d746 prefixlen 128 scopeid 0x0<global>
        inet6 fe80::4639:c4ff:fe8e:31 prefixlen 64 scopeid 0x20<link>
        ether 44:39:c4:8e:00:31 txqueuelen 1000 (Ethernet)
        RX packets 90399666 bytes 73791857163 (68.7 GiB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 120320074 bytes 143428796457 (133.5 GiB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
        device interrupt 20 memory 0xf7f00000-f7f20000

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
        inet 127.0.0.1 netmask 255.0.0.0
        inet6 ::1 prefixlen 128 scopeid 0x10<host>
        loop txqueuelen 1 (Local Loopback)
        RX packets 5203988 bytes 4549957994 (4.2 GiB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 5203988 bytes 4549957994 (4.2 GiB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
$ sudo route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         bogon           0.0.0.0         UG    0      0        0 eno1
default         bogon           0.0.0.0         UG    100    0        0 eno1
10.13.0.0       0.0.0.0         255.255.0.0     U     100    0        0 eno1
Connect VPN and check again
$ sudo ifconfig
eno1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
        inet 10.13.35.197 netmask 255.255.0.0 broadcast 10.13.255.255
        inet6 2001:da8:1035:3::6:d746 prefixlen 128 scopeid 0x0<global>
        inet6 fe80::4639:c4ff:fe8e:31 prefixlen 64 scopeid 0x20<link>
        ether 44:39:c4:8e:00:31 txqueuelen 1000 (Ethernet)
        RX packets 90400426 bytes 73792065098 (68.7 GiB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 120320839 bytes 143428966097 (133.5 GiB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
        device interrupt 20 memory 0xf7f00000-f7f20000

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
        inet 127.0.0.1 netmask 255.0.0.0
        inet6 ::1 prefixlen 128 scopeid 0x10<host>
        loop txqueuelen 1 (Local Loopback)
        RX packets 5204004 bytes 4549958800 (4.2 GiB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 5204004 bytes 4549958800 (4.2 GiB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1412
        inet 172.17.63.9 netmask 255.255.255.255 destination 172.17.63.9
        inet6 fe80::64d2:86d6:7c39:c107 prefixlen 64 scopeid 0x20<link>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 500 (UNSPEC)
        RX packets 0 bytes 0 (0.0 B)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 37 bytes 2922 (2.8 KiB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
$ sudo route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         0.0.0.0         0.0.0.0         U     0      0        0 tun0
default         10.13.255.254   0.0.0.0         UG    100    0        0 eno1
10.13.0.0       0.0.0.0         255.255.0.0     U     100    0        0 eno1
114.67.37.68    10.13.255.254   255.255.255.255 UGH   0      0        0 eno1
Delete the default route that vpnc adds, and add a host route for the address I need to reach through the VPN.
$ sudo route add -host 172.16.22.11 dev tun0
$ sudo route del default dev tun0
$ sudo route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         10.13.255.254   0.0.0.0         UG    100    0        0 eno1
10.13.0.0       0.0.0.0         255.255.0.0     U     100    0        0 eno1
114.67.37.68    10.13.255.254   255.255.255.255 UGH   0      0        0 eno1
172.16.22.11    0.0.0.0         255.255.255.255 UH    0      0        0 tun0
Conclusion
It’s better to write a script for this issue:
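#!/bin/bash
# Run as root (e.g. with sudo): vpnc and route both need root privileges.
echo "Connecting to myVPN..."
# Stop here if the tunnel did not come up, so the routing table is left alone.
vpnc || exit 1
echo "Setting up routing table..."
# Remove the default route that vpnc installed on tun0 ...
route del default dev tun0
# ... and send only the login node through the tunnel.
route add -host 172.16.22.11 dev tun0
echo -n "Press Enter to continue..."
read -r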
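The manual "sudo route" inspection from the Solution section can be turned into a check that fails when a default route still points at the tunnel or the host route is missing. This is an added example, not part of the original post; check_split_routes is a hypothetical helper name, and the two sample tables are copied from the route output shown above.

```shell
#!/bin/bash
# Added example (not from the original post).
# Reads a route(8)-style table on stdin and checks the split-tunnel state:
#   exit 0 = only the host route uses the tunnel
#   exit 1 = a default route still points at the tunnel
#   exit 2 = the host route through the tunnel is missing
check_split_routes() {  # args: <tunnel-iface> <host-ip>
    awk -v tun="$1" -v host="$2" '
        $1 == "Kernel" || $1 == "Destination" || NF < 8 { next }  # headers
        {
            dest = $1; mask = $3; iface = $8
            # route prints the default as "default"; route -n prints 0.0.0.0
            if ((dest == "default" || dest == "0.0.0.0") &&
                mask == "0.0.0.0" && iface == tun) default_on_tun = 1
            if (dest == host && mask == "255.255.255.255" && iface == tun)
                host_on_tun = 1
        }
        END {
            if (default_on_tun) { print "FAIL: default route via " tun; exit 1 }
            if (!host_on_tun) { print "FAIL: no host route to " host " via " tun; exit 2 }
            print "OK: only " host " is routed via " tun
        }'
}

# Tables as shown on the page: right after vpnc connects, and after the fix.
AFTER_CONNECT='Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref Use Iface
default         0.0.0.0         0.0.0.0         U     0      0   0   tun0
default         10.13.255.254   0.0.0.0         UG    100    0   0   eno1
10.13.0.0       0.0.0.0         255.255.0.0     U     100    0   0   eno1
114.67.37.68    10.13.255.254   255.255.255.255 UGH   0      0   0   eno1'
AFTER_FIX='Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref Use Iface
default         10.13.255.254   0.0.0.0         UG    100    0   0   eno1
10.13.0.0       0.0.0.0         255.255.0.0     U     100    0   0   eno1
114.67.37.68    10.13.255.254   255.255.255.255 UGH   0      0   0   eno1
172.16.22.11    0.0.0.0         255.255.255.255 UH    0      0   0   tun0'

printf '%s\n' "$AFTER_CONNECT" | check_split_routes tun0 172.16.22.11 || true
printf '%s\n' "$AFTER_FIX" | check_split_routes tun0 172.16.22.11
```

On a live system, pipe "route -n" into the function so destinations are printed numerically rather than as resolved names.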