Ed Greshko writes:
Well, it would be good to....
Stop firewalld, dump the IPTables, start the VPN daemon, wait a bit, and dump the IPTables again.
Also, it would be helpful to actually name the commercial VPN which may warn others about the pitfall.
Pretty sure it's Cisco Anyconnect.
$Work$ is in the process of migrating from Ubuntu 16 to Ubuntu 18. Most of the upgrades are user-initiated. For some reason a lot of people just have to be on the latest Ubuntu LTS, but Cisco's VPN client is similarly misbehaving in Ubuntu 18, for some undiagnosed reason.
Me, I'm fine on Ubuntu 16. Not my laptop, it gets the job done. When it's time to replace it, whatever the standard build IT loads, on their laptops, that's what I'll go with. My only customization is ditching Gnome, and using the XFCE desktop, instead.