-
-
Notifications
You must be signed in to change notification settings - Fork 137
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Gpclient does not recognize vpnc-script as executable #361
Comments
Hi @surfrock66, the So for your case, you can save the command as an executable file and pass that file to the A file named
Then use the script parameter like: But it looks like the Let me know if you have any questions. Thanks. |
Ok perfect that worked; In researching vpn-slice a lot of the documentation has the script inline with openconnect commands which was confusing, supporting in-line scrips would be great but maybe more up-front documentation on it would be enough in case it's a bigger programming lift. https://github.com/dlenski/vpn-slice?tab=readme-ov-file#usage |
Apologies, I may have closed this prematurely. I'm having a lot of trouble with routing and split tunnel. I've been through the documentation for vpn-slice and it shows that you can specify inverted subnets to exclude from going over the tunnel. https://github.com/dlenski/vpn-slice?tab=readme-ov-file#usage When I do that, I'm getting the following in my logs:
Those warnings make no sense, but I'm not sure which component they're coming from, the routes get created. Looking at the routes on the system, I think it's 1) not replacing the default route (I can research that) and 2) it's adding the whitelisted routes (going through my local gateway named sr66-prosafe-00). Ultimately, I cannot ping VPN resources by IP:
Turning off the VPN, these are my expected routes:
if I connect to the vpn without the script, I get this: The redacted names are my domain controllers (and DNS servers), and the 172 is the correct IP for my VPN subnet. I'm not sure where the issue is; is there something wrong with the way routes are handled when doing vpn-slice? I wouldn't think there would need to be additional default route commands in my script, but does the utilization of vpn-slice necessitate some other routing commands? |
Hi @surfrock66 sorry for the late reply. It looks like a problem regarding the The client should support passing a command as the |
Passing command as the |
Describe the bug
When attempting to use a script with gpclient to utilize more nuanced vpn-slice, I get an error that "vpnc script is not executabe". The vpnc-script script is on the system, is executable, and has manually been added to the path as a double check.
It was installed to /usr/share/vpnc-scripts/
To exclude any issue with my specific script, I was able to recreate the issue with an empty script; specifying any script is triggering this error.
If I exclude the --script switch, the connection works just fine (albeit without my split tunnel configuration)
Expected behavior
The client should prompt for authentication (or used cached authentication) and connect.
Screenshots
Error run as root:
Error run as sudo:
Successful connection without --script:
Environment:
The text was updated successfully, but these errors were encountered: