VPN에 연결하면 네트워크 액세스가 끊어집니다.

VPN에 연결하면 네트워크 액세스가 끊어집니다.

forticlient를 사용하여 VPN에 연결하면 다른 모든 사이트(VPN 외부)에 액세스할 수 없습니다. 내 DNS에 문제가 있는 줄 알았는데 resolved이제 그럴 수 없다는 걸 깨달았 ping 8.8.8.8으니 좀 더 근본적인 문제겠죠?

VPN에 연결하면 ifconfig -a다음이 표시됩니다(루프백이 제거됨).

eno1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.5  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::279f:54fe:977f:4e6c  prefixlen 64  scopeid 0x20<link>
        ether 18:03:73:e6:32:f2  txqueuelen 1000  (Ethernet)
        RX packets 74896  bytes 58598268 (55.8 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 59257  bytes 11405705 (10.8 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 20  memory 0xe1500000-e1520000 

vpn: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1400
        inet 10.50.192.11  netmask 255.255.255.255  destination 10.50.192.11
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 500  (UNSPEC)
        RX packets 59  bytes 13713 (13.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2155  bytes 172229 (168.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

VPN 연결을 끊은 후 언제 기본 DNS 등을 사용할 수 있는지 ifconfig알려주세요 .

eno1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.5  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::279f:54fe:977f:4e6c  prefixlen 64  scopeid 0x20<link>
        ether 18:03:73:e6:32:f2  txqueuelen 1000  (Ethernet)
        RX packets 75682  bytes 58794111 (56.0 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 59981  bytes 11559277 (11.0 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 20  memory 0xe1500000-e1520000

편집(가독성 향상을 위해): ip route제공됨

$ ip route
default via 10.50.192.14 dev vpn scope link default via 192.168.1.254 dev eno1 proto dhcp metric 100
192.168.1.0/24 dev eno1 proto kernel scope link src 192.168.1.5 metric 100
193.1.103.33 via 192.168.1.254 dev eno1

그리고

resolvectl주어진

Global Protocols:
+LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported resolv.conf mode: foreign Current DNS Server: 8.8.8.8 DNS Servers: 8.8.8.8 8.8.4.4 DNS Domain: google.com Link 2

(eno1) Current Scopes: 
DNS LLMNR/IPv4 LLMNR/IPv6 Protocols:
+DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported DNS Servers: 8.8.8.8 8.8.4.4 Link 9 

(vpn) Current Scopes: DNS LLMNR/IPv4 Protocols:
+DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported DNS Servers: 10.220.1.10 10.220.1.11

FWIW 저는 데비안을 실행하고 있습니다

$ uname -a
Linux foirfe 5.15.0-2-amd64 #1 SMP Debian 5.15.5-1 (2021-11-26) x86_64 GNU/Linux

모든 제안에 크게 감사드립니다.

편집 2 traceroute 8.8.8.8::

traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  * * *
 2  193.1.101.1 (193.1.101.1)  12.708 ms  12.723 ms  12.736 ms
 3  * * *
 4  * * *
    :
29  * * *
30  * * *

비교를 위해 VPN에 연결되어 있지 않을 때 Traceroute는 다음과 같이 말합니다.

$ traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  _gateway (192.168.1.254)  0.565 ms  0.763 ms  0.974 ms
 2  95-45-22-1-dynamic.agg2.chd.lmk-mlw.eircom.net (95.45.22.1)  5.355 ms  5.445 ms  6.072 ms
 3  eth-trunk113.hcore1.mlw.core.eircom.net (86.43.255.90)  12.017 ms  12.097 ms  12.177 ms
 4  eth-trunk15.hcore1.prp.core.eircom.net (86.43.254.143)  17.245 ms  17.396 ms  17.496 ms
 5  lag-20-br2-6cr-hcore1-prp.br2.6cr.border.eircom.net (86.43.12.215)  12.620 ms  12.889 ms  12.961 ms
 6  72.14.211.86 (72.14.211.86)  14.130 ms  11.139 ms  11.057 ms
 7  * * *
 8  dns.google (8.8.8.8)  10.721 ms  9.487 ms  9.671 ms

그리고 연결 httping되면

$ httping 8.8.8.8
PING 8.8.8.8:80 (/):
^CGot signal 2
--- http://8.8.8.8/ ping statistics ---
1 connects, 0 ok, 0.00% failed, time 22643ms

nslookup주어 졌지만

$ nslookup 8.8.8.8
nslookup: parse of /etc/resolv.conf failed

파일은 /etc/resolv.conf심볼릭 링크입니다.

 ls -lu /etc/resolv.conf /run/resolvconf/resolv.conf 
lrwxrwxrwx 1 root root  27 Jan  3 15:47 /etc/resolv.conf -> /run/resolvconf/resolv.conf
-rw-r--r-- 1 root root 373 Jan  3 12:44 /run/resolvconf/resolv.conf

이것은 다음과 같습니다:

$ cat /run/resolvconf/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
# 127.0.0.53 is the systemd-resolved stub resolver.
# run "resolvectl status" to see details about the actual nameservers.

nameserver dnsserverip
nameserver 8.8.8.8
nameserver 8.8.4.4
search google.com
nameserver 8.8.8.8

관련 정보