Gerard Hooton wrote:
> Hello All,
> I posted my request for a HeaNet contact out of frustration with Help
> Desk support. Without going into the the details of the help desk
> organisation and there relationship with the HeaNet let me explain my
> problem. I have been experiencing problems connecting to Cisco VPN using
> a linux client (vpnc/kvpnc). It would connect fine but after some time
> would drop the connection. Some times the Cisco 800 series router on the
> other end would stop accepting connections altogether including http and
> would have to be power cycled.
I don't know if this is similar to the circumstance that I had, but it's
worth looking into. Your description of your problem suggests that it's
not the same.
My wife uses a laptop with Debian Etch, and connects to her place of work
using cicso's vpnclient, as built from source on the laptop itself.
She noticed that very often the network connection would stall (go down,
drop, whatever the correct term is when you don't actually know what the
problem is). We investigated, and what we realised was the following:
1) cisco's vpnclient backs up /etc/resolv.conf and creates its own
when establishing the vpn connection.
2) Etch didn't like this, and regularly overwrote /etc/resolv.conf to
what it believed it should have been, using derived information,
rather than the vpnclient backup.
3) This would result in all connections through the VPN stalling, due
to DNS not being available. Connecting to IP addresses worked fine.
To get around this, we wrote a script that would notice a new vpnclient
connection, and take a backup of the /etc/resolv.conf file that vpnclient
created. It would then check on a regular basis that the /etc/resolv.conf
was the same as the backup, and if not, it would be restored to the
vpnclient version. Upon the closing of the VPN connect, the script would
stop its checking. This was a crude solution, but one that resulted in my
wife not noticing whenever DNS disappeared before it was restored.
Currently, this is not an issue, as Etch is no longer beating up the cisco
>>>>>>>> -----Original Message-----
> From: Ivan Griffin <ivan at skynet.ie>
> To: ilug at linux.ie> Subject: Re: [ILUG] HeaNet
> Date: Thu, 23 Apr 2009 17:29:19 +0100 (IST)
> Mailer: Alpine 2.00 (DEB 1167 2008-08-23)
>> Yes, I agree. I was being a tad sarcastic, but perhaps that tone didn't
> come across in email...
>> I wouldn't go as far as saying it is *abuse* of the list, but it certainly
> is naughty...
>>>> On Thu, 23 Apr 2009, Rory Browne wrote:
>>>>>>> 2009/4/23 Ivan Griffin <ivan at skynet.ie>
>>>> Yeah, its called short-circuiting bureaucracy to achieve your
>>>>>> I don't think so. About 3/4 of my job is about short-circuiting
>> Anyone who knows who I work for ( I don't want to say
>> who on-list ) will know what I'm talking about.
>>>> I think it's called abusing the ILUG mailing list. I'd see through it if
>> HEAnet's or Blacknight's email addresses were difficult to find,
>> but if there's an email address ( heanet ), or a "Contact Us" link (
>> Blacknight ) on the front page, it's inexcusable.
> Gerard Hooton.
> Department of Microelectronic Engineering U.C.C.
> Butler Building,
> Enterprise Centre,
> North Mall.
>> Tel: +353 21 4904576
> Fax: +353 21 4904573
Éibhear Ó hAnluain
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!