Openconnect on Fedora 29

As of Nov 2018, openconnect appears to be broken on Fedora 29. When you connect to a VPN, the DNS servers are not updated and hence any hosts over the VPN will not resolve.

This has been reported on bugzilla but in the meantime the following fix works.

Create a copy of /etc/vpnc/vpnc-script to apply fixes.

cp /etc/vpnc/vpnc-script /etc/vpnc/vpnc-script-fixed

Comment out the lines about resolvconf:

--- /etc/vpnc/vpnc-script	2018-07-15 17:21:15.000000000 +0100
+++ /etc/vpnc/vpnc-script-fixed	2018-11-23 14:30:46.554019322 +0000
@@ -131,9 +131,9 @@
 elif [ -x /usr/bin/busctl ] && [ ${RESOLVEDENABLED} = 1 ]; then  # For systemd-resolved (version 229 and above)
 	MODIFYRESOLVCONF=modify_resolved_manager
 	RESTORERESOLVCONF=restore_resolved_manager
-elif [ -x /sbin/resolvconf ]; then # Optional tool on Debian, Ubuntu, Gentoo and FreeBSD
-	MODIFYRESOLVCONF=modify_resolvconf_manager
-	RESTORERESOLVCONF=restore_resolvconf_manager
+#elif [ -x /sbin/resolvconf ]; then # Optional tool on Debian, Ubuntu, Gentoo and FreeBSD
+#	MODIFYRESOLVCONF=modify_resolvconf_manager
+#	RESTORERESOLVCONF=restore_resolvconf_manager
 elif [ -x /sbin/netconfig ]; then # tool on Suse after 11.1
 	MODIFYRESOLVCONF=modify_resolvconf_suse_netconfig
 	RESTORERESOLVCONF=restore_resolvconf_suse_netconfig

Then supply this as an argument to openconnect:

/usr/sbin/openconnect -s /etc/vpnc/vpnc-script-fixed <args> hostname

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.