Fedora 36 L2TP VPN

Hello,

I’m trying to upgrade to Fedora 36 but struggling with getting the VPN to work that my company uses. I’m experimenting with a Fedora 36 laptop and have my Fedora 35 laptop running right next to it where the VPN does work.

I’ve troubleshot a bit and I’m able to “Connect” to the VPN, and I’m getting an IP address, but I’m not able to ping the VPN gateway or anything else on the network. Do you guys have any suggestions for next steps I can take to troubleshoot this?

1 Like

This sounds like you are not properly getting the vpn config, particularly routing and maybe dns.

With the vpn inactive please provide the output of ip addr and ip route. Then connect the vpn and again provide the same info.

You can compare that with what you get on the F35 machine (both ways) and see what the differences may be.

Hi Jeff,

Thanks for your response. I’ve actually forced routes on the VPN connection (I’m using gnome network manager), and I’ve tried pinging my VPN gateway address using ping -I ppp0 {gateway-address-here}.

Fedora 35:

3: wlp59s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 9c:b6:d0:fc:d7:e3 brd ff:ff:ff:ff:ff:ff
    inet 192.168.86.108/24 brd 192.168.86.255 scope global dynamic noprefixroute wlp59s0
       valid_lft 77149sec preferred_lft 77149sec
    inet6 fdc0:25fc:9887:0:359e:b0ea:f0a5:2b7f/64 scope global dynamic noprefixroute 
       valid_lft 1091sec preferred_lft 1091sec
    inet6 fe80::7ec6:97e4:48d3:a8ee/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

13: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1400 qdisc fq_codel state UNKNOWN group default qlen 3
    link/ppp 
    inet 192.168.50.4/32 scope global noprefixroute ppp0
       valid_lft forever preferred_lft forever

Fedora 35 Routes:

default via 192.168.86.1 dev wlp59s0 proto dhcp metric 600 
192.168.1.0/24 via 192.168.50.1 dev ppp0 proto static metric 50 
192.168.10.0/24 via 192.168.50.1 dev ppp0 proto static metric 50 
192.168.13.0/24 via 192.168.50.1 dev ppp0 proto static metric 50 
192.168.50.1 dev ppp0 proto static scope link metric 50 
192.168.86.0/24 dev wlp59s0 proto kernel scope link src 192.168.86.108 metric 600 
192.168.86.1 dev wlp59s0 proto static scope link metric 600 
216.83.74.139 via 192.168.86.1 dev wlp59s0 proto static metric 600

Fedora 36:

2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 52:54:00:48:d4:fd brd ff:ff:ff:ff:ff:ff
    inet 192.168.86.170/24 brd 192.168.122.255 scope global dynamic noprefixroute enp1s0
       valid_lft 3349sec preferred_lft 3349sec
    inet6 fe80::c1bb:c41d:b28a:aae9/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1400 qdisc fq_codel state UNKNOWN group default qlen 3
    link/ppp 
    inet 192.168.50.5 peer 216.83.74.139/32 scope global ppp0
       valid_lft forever preferred_lft forever
    inet 192.168.50.5/32 scope global noprefixroute ppp0
       valid_lft forever preferred_lft forever

Fedora 36 Routes:

default via 192.168.86.1 dev enp1s0 proto dhcp src 192.168.86.170 metric 20100 
192.168.1.0/24 via 192.168.50.1 dev ppp0 proto static metric 50 
192.168.10.0/24 via 192.168.50.1 dev ppp0 proto static metric 50 
192.168.13.0/24 via 192.168.50.1 dev ppp0 proto static metric 50 
192.168.86.0/24 dev enp1s0 proto kernel scope link src 192.168.122.170 metric 100 
192.168.86.1 dev enp1s0 proto static scope link metric 50 
216.83.74.139 dev ppp0 proto kernel scope link src 192.168.50.5 
216.83.74.139 via 192.168.86.1 dev enp1s0 proto static metric 50

One thing I notice that’s different is that Fedora 36 lists a peer address on the interface and Fedora 35 doesn’t?

216.83.74.139 apparently is your VPN endpoint, but it is in Fedora 36 the ppp0 remote too. This should be 192.168.50.1. No idea why the ppp-remote does not show up in F35, but in F36 it looks definitively wrong.