On 20/05/2021 07:22, Anca, Tibor wrote:
Am Mittwoch, dem 19.05.2021 um 15:20 -0700 schrieb Samuel Sieb:
Is there any indication in logs that openconnect is getting DNS info? you can add the DNS info. I think systemd-resolved is supposed to be should get all requests.
Where do I see those logs? If I run systemctl status systemd-resolved than I see this:
vpn0: Bus client set DNS server list to: 192.168.x.x, 192.168.x,y
Now, those two entries are added by the AnyConnect-Client to /etc/resolv.conf.
I cant figure out, why NM is not doing that...
First, when using NM and the openconnect plugin I'm assuming you've not disabled systemd-resolved.
So, your /etc/resolv.conf is a symlink on the order of
lrwxrwxrwx. 1 root root 39 Oct 31 2020 /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf
If that is the case, then can you compare the output of "resolvectl" for dis-connected/connected? I only use openvpn. But it looks like so:
disconnected
[egreshko@f34k ~]$ resolvectl Global Protocols: LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported resolv.conf mode: stub
Link 2 (enp1s0) Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6 Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported Current DNS Server: 192.168.122.1 DNS Servers: 192.168.122.1 DNS Domain: greshko.com
connected
Global Protocols: LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported resolv.conf mode: stub
Link 2 (enp1s0) Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6 Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported Current DNS Server: 192.168.122.1 DNS Servers: 192.168.122.1 DNS Domain: greshko.com
Link 3 (tun0) Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6 Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported Current DNS Server: 25.0.0.1 DNS Servers: 25.0.0.1