Recently I've been unable to connect to a Cisco VPN gateway using vpnc
even though I had been using vpnc
to connect to this same gateway for about a year leading up to this breakage... I'm using the command line client, not NetworkManager.
Strangely, sometimes if I reboot and try again it works... However, tonight I tried that a few times and never got through...
I see the following messages in /var/log/syslog
:
Aug 21 22:44:56 sonbuntu NetworkManager[1193]: SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/tun0, iface: tun0)
Aug 21 22:44:56 sonbuntu NetworkManager[1193]: SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/tun0, iface: tun0): no ifupdown configuration found.
Aug 21 22:44:56 sonbuntu NetworkManager[1193]: <warn> /sys/devices/virtual/net/tun0: couldn't determine device driver; ignoring...
Aug 21 22:47:06 sonbuntu avahi-daemon[1116]: Withdrawing workstation service for tun0.
Aug 21 22:47:06 sonbuntu NetworkManager[1193]: SCPlugin-Ifupdown: devices removed (path: /sys/devices/virtual/net/tun0, iface: tun0)
Aug 21 22:48:08 sonbuntu NetworkManager[1193]: SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/tun0, iface: tun0)
Aug 21 22:48:08 sonbuntu NetworkManager[1193]: SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/tun0, iface: tun0): no ifupdown configuration found.
Aug 21 22:48:08 sonbuntu NetworkManager[1193]: <warn> /sys/devices/virtual/net/tun0: couldn't determine device driver; ignoring...
When I strace
it, it seems to hang around here:
time(NULL) = 1377150323
times({tms_utime=8, tms_stime=1, tms_cutime=0, tms_cstime=0}) = 1717972828
gettimeofday({1377150323, 725505}, NULL) = 0
getrusage(RUSAGE_SELF, {ru_utime={0, 88000}, ru_stime={0, 16000}, ...}) = 0
time(NULL) = 1377150323
times({tms_utime=8, tms_stime=1, tms_cutime=0, tms_cstime=0}) = 1717972828
time(NULL) = 1377150323
poll([{fd=3, events=POLLIN}], 1, 96000) = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 192000^C <unfinished ...>
My version of vpnc
hasn't changed since I originally installed it:
Version: 0.5.3r512-2ubuntu1
However, I did notice that one of its dependencies, libgcrypt11
, did recently change:
Version: 1.5.0-3ubuntu2.2
(used to be 1.5.0-3ubuntu1
).
As I see it there could be a few different possibilities about why this has broken:
libgcrypt11
broke itSome Ubuntu kernel configuration broke it (
/var/log/syslog
is complaining about a lacking driver...)Something changed on the gateway's end (I plan on asking IT if they've changed anything but it will be very hard to actually get connected to the right person for this)
Should I try to roll back libgcrypt11
? Any other ideas? Why is /var/log/syslog
complaining about a missing driver?
I've tried some of the responses to this similar-looking vpnc problem but to no avail...
Update It appears to be a bug in libgcrypt11=1.5.0-3ubuntu2.2
. See my answer for details.