[NBLUG/talk] Can't connect to the Internet
Eric T. Landerville
eric at landerville.com
Thu Jan 31 20:19:52 PST 2008
Roger House wrote:
> Ken McGlothlen wrote:
>
>> | From: Roger House <rhouse at sonic.net>
>> |
>> | [...] However, all is not yet ideal. Although I seem to have full access to
>> | the Internet, I am now not able to VPN to the remote machine. When I run
>> | vpnc-connect as I always have in the past, I now get this error:
>> |
>> | /etc/vpnc/vpnc-script: 1: Cannot open /var/run/vpnc/resolv.conf-backup
>> | No such file
>> |
>> | Despite this message, I am told that VPNC started in the background. When
>> | I run Terminal Server Client to connect, I get this error:
>> |
>> | szego.infocentricity.com unable to resolve host
>> |
>> | That is the name of the remote machine I work on via VPN. I have made no
>> | changes at all to the scripts and procedures I use to VPN.
>> |
>> | Any ideas?
>>
>> Well, I can't get szego.infocentricity.com to resolve, either.
>>
>> $ dig szego.infocentricity.com
>>
>> ; <<>> DiG 8.3 <<>> szego.infocentricity.com
>> ;[...]
>>
>> ;; AUTHORITY SECTION:
>> infocentricity.com. 1h57m27s IN SOA ns1.infocentricity.com. hostmaster.infocentricity.com. (
>> 200711160 ; serial
>> 3H ; refresh
>> 1H ; retry
>> 5D ; expiry
>> 2H ) ; minimum
>>
>> ;; [...]
>> $ _
>>
>> Since that authoritative response is coming from infocentricity.com's
>> nameserver, it appears that the hostname is wrong, or that someone on their end
>> screwed up, or the hostname isn't available on an external nameserver.
>>
>> This leads me to think that szego is available only on an internal nameserver
>> available to you once the VPN connection is running.
>>
>> Are you sure VPNC is running?
>>
>> ---Ken
>>
>> _______________________________________________
>> talk mailing list
>> talk at nblug.org
>> http://nblug.org/cgi-bin/mailman/listinfo/talk
>>
>>
>>
>>
> It is true that szego.infocentricity.com is not visible outside
> of InfoCentricity, as I understand it. Here is how I have
> connected with it for the past 6 months or so:
>
> vpnc_connect infocent
>
> where /etc/vpnc/infocent.conf contains
>
> ## generated by pcf2vpnc.pl
> IPSec ID infocent
> IPSec gateway chapman.infocentricity.com
> Xauth username rhouse
> IKE DH Group dh2
>
> I get the message that VPNC is running in the background
> with pid 6713. Then ps aux shows this:
>
> root 6713 0.0 0.0 2284 404 ? Ss 15:13 0:00
> vpnc-connect infocent
>
> So it looks like vpnc is running. I am wondering if the missing
> resolv.conf-backup file is an issue. I have never gotten this
> message before.
>
> Roger
>
>
> _______________________________________________
> talk mailing list
> talk at nblug.org
> http://nblug.org/cgi-bin/mailman/listinfo/talk
>
Roger,
While I have never used the VPN software before after reading all of the
other emails I might have an idea that works. I use Ubuntu everyday and
any time I shutdown non "properly" (using the shutdown or from the
command line with 'poweroff' or 'restart') I always have to restart
cleanly to get the network running correctly, restarting the network
service doesn't even work. Any way, I feel your pain with this. On to
the VPN problem.
Something I didn't understand in your original /etc/resolv.conf post was
the IP's of your nameserver lines:
nameserver 192.168.11.25
nameserver 192.168.11.26
I don't know how much you know about networking but I will explain
something just to act like I actually know something. The IP's you
listed are non routable (the "private IP address space"), this means
those IP's either had to be your Linksys router or another machine on
your network (you mention windows boxes). A non routable IP means that
if your Linksys router is forwarding the packets (can't remember if they
do or not - hope not as that just makes more work for the internet
routers) then the first router they get to would drop the packets
without forwarding. So when you type in 'www.google.com' your computer
says "hey I don't know what IP google.com is so lets ask the dns
server. 192.168.11.25 where are you?" If your Linksys router forwarded
the packets the first router would drop then and your computer would
never receive an answer to its question. It would then try
192.168.11.26 (the secondary DNS server) and get the same response.
Since changing your /etc/resolv.conf fixed your internet problem I would
hazard a guess that 192.168.11.xx isn't on your home LAN and none of
your home LAN boxes are doing DNS. That makes me believe, as one of the
other guys mentioned, that these two 192.168 addresses are actually on
the LAN of infocentricity.com. Did you understand the explanation about
why you couldn't dig szego.infocentricity.com? If not just ask and I,
or someone else will explain it, it has to do with interior and exterior
DNS. Anyway, I think that the original file you showed us was the
resolv.conf for the vpn. What I would do is just create that file. I'm
a command line guy so this is how I would do it:
open up a terminal
$sudoedit /var/run/vpnc/resolv.conf-backup
Paste in:
search hsd1.ca.comcast.net. infocentricity.com
nameserver 192.168.11.25
nameserver 192.168.11.26
press the control and x keys at the same time and answer yes to the
questions to save the file(that is if nano was the editor that came up).
Try your VPN again.
Since I have never used vpnc before I don't know what the permissions
are required to be on this file, but since it is using it to
overwrite(?) the normal /etc/resolv.conf I would guess that root
ownership is going to be ok.
Let me know how it goes.
Good luck
Eric T. Landerville
Co-Founder
REL Techs
Reliable Technicians
Reliable Technology
(707) 546-2192
eric at reltechs.com
www.reltechs.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://nblug.org/pipermail/talk/attachments/20080131/cbdc1a08/attachment-0001.htm
More information about the talk
mailing list