AWS VPN Client on Linux Ubuntu not working


We have a VPN setup, and everything works fine for the other person.

But I have a Linux machine with Ubuntu, and the client can connect, but I cannot access services.

telnet told me DNS cannot be resolved. Using curl to hit services with their internal IP (10.0.0.150) doesn't work.

I followed the troubleshooting for Linux, but it didn't help.

The logs told me a push message has been received from the server (DNS 10.0.0.2, routes, etc.).

The 2nd weird part is that we enabled split tunnel, and it should not pass through VPC. However it is

Iziodev
asked 2 years ago, 407 views
1 Answer

Hi, I understand that you are facing connectivity issues for your VPN on Ubuntu. The following are some troubleshooting steps that you can take to determine the source of your issue:

Since your client is already connecting, you do not need to check your VPN client configuration for Ubuntu with credentials, encryption, and server address.

  1. Check DNS: Try using netcat on port 53 (the standard port for DNS) to the DNS server.

Since telnet and curl don’t work, you should try using ping to test if basic connectivity exists. The command to do so would be “ping 8.8.8.8” or “ping amazon.com”. If this works, try to use the “dig amazon.com” command to trace and determine whether the port is open. Ping will tell you if the ICMP port is open, while dig will tell you more information on the DNS resolvers.

If this doesn’t work, you might be having internet connectivity problems. In this case, follow the steps provided in the section “Clients can’t access a peered VPC, Amazon S3, or the internet” at https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/troubleshooting.html.

If this does work, check your /etc/resolv.conf file for the proper DNS servers. You can manually add them if needed and then check DNS resolvability with nslookup example.com.

  2. Check VPN Routes: Check that there are routes for your VPN subnet in the route table and that they are properly routed to the internet gateway. You can also use “ip route” to check this.

  3. Check server-side Firewalls and Security Groups: You should check your firewall configurations to see if they are blocking traffic that you want.

  4. Verify Split Tunneling Setup:
     a. Ensure that your configurations for Split Tunneling are correct.
     b. Here are some links for proper setup of your VPC endpoint split tunnels:
        i. Main setup instructions: https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/split-tunnel-vpn.html
        ii. More detailed instructions: https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/cvpn-working-endpoints.html#cvpn-working-endpoint-create

Your VPN logs might also be a helpful clue to resolving your problem and can be found in /var/log/. For more information and a more detailed guide on troubleshooting your VPN Client, see https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/troubleshooting.html.

Please let me know if you have any further questions. Hope this helps!

answered 9 months ago
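
The route and resolver checks from the answer above, as an added example that is not part of the original post or of AWS's tooling: two shell functions that classify `ip route` output as full or split tunnel and report whether /etc/resolv.conf names the pushed DNS server (10.0.0.2) or only the systemd-resolved stub. The device name tun0, the 10.0.0.0/16 prefix, the 10.8.0.x tunnel addresses and the sample text are constructed assumptions.

```shell
#!/usr/bin/env bash
# Added example: offline classifiers for `ip route` and resolv.conf text.
# Assumptions: tunnel device tun0, VPC CIDR 10.0.0.0/16 (both constructed).

# tunnel_mode DEV   (reads `ip route` output on stdin)
#   full  - the default route, or either half of the 0.0.0.0/1 + 128.0.0.0/1
#           pair that OpenVPN-style clients install, points at DEV
#   split - only specific prefixes point at DEV
#   none  - DEV carries no routes at all
tunnel_mode() {
  awk -v dev="$1" '
    { on = 0; for (i = 2; i < NF; i++) if ($i == "dev" && $(i+1) == dev) on = 1 }
    on { n++; if ($1 == "default" || $1 == "0.0.0.0/1" || $1 == "128.0.0.0/1") full = 1 }
    END { print (full ? "full" : (n ? "split" : "none")) }'
}

# resolver_state DNS_IP   (reads resolv.conf text on stdin)
#   direct  - DNS_IP is listed as a nameserver
#   stub    - only the systemd-resolved stub (127.0.0.53) is listed
#   missing - neither is listed
resolver_state() {
  awk -v dns="$1" '
    $1 == "nameserver" && $2 == dns          { direct = 1 }
    $1 == "nameserver" && $2 == "127.0.0.53" { stub = 1 }
    END { print (direct ? "direct" : (stub ? "stub" : "missing")) }'
}

# Constructed sample inputs, so the functions can be tried without a VPN.
SAMPLE_SPLIT='default via 192.168.1.1 dev wlan0 proto dhcp metric 600
10.0.0.0/16 via 10.8.0.1 dev tun0
10.8.0.0/27 dev tun0 proto kernel scope link src 10.8.0.2
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.23'
SAMPLE_FULL="0.0.0.0/1 via 10.8.0.1 dev tun0
128.0.0.0/1 via 10.8.0.1 dev tun0
$SAMPLE_SPLIT"
SAMPLE_RESOLV='nameserver 127.0.0.53
options edns0 trust-ad
search lan'

# Run with --live on the affected machine to classify its real state.
if [ "${1:-}" = "--live" ]; then
  echo "tunnel mode: $(ip route | tunnel_mode tun0)"
  echo "resolver:    $(resolver_state 10.0.0.2 < /etc/resolv.conf)"
  ip route get 10.0.0.150   # which device the kernel picks for the service IP
fi
```

If `resolver_state` prints `stub`, /etc/resolv.conf alone cannot confirm the pushed server; `resolvectl status` shows the DNS servers assigned to each link.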
