
No internet connection Ubuntu-WSL while VPN

I have WSL Version 2 running on my Windows 10 laptop. I'm using the WSL distribution Ubuntu-20.04. When I connect to a VPN network, domain name resolution doesn't work, so I can't access the Internet.

VPN Client in use is "Cisco AnyConnect Secure Mobility Client"

I tried the following steps to resolve this problem.

  1. Open the Windows command prompt in admin mode
  2. Execute the following commands

    netsh winsock reset
    netsh int ip reset all
    netsh winhttp reset proxy
    ipconfig /flushdns
    reboot

That worked once; I had access to the internet. But as soon as I disconnected the VPN connection and connected again, I had the same problem all over again. I tried to just execute the commands again and rebooted, but now that's not working anymore.

What is a permanent fix for this problem?

Hball99 asked Mar 02 '21 18:03


3 Answers

WSL2 - VPN Fix:

There is an issue with DNS forwarding in WSL2 when using a VPN (see GitHub issue). Plus there is an issue with Cisco AnyConnect. So here is a workaround for these problems. It should work for Ubuntu and Debian.

Workaround

  1. Find out the nameserver with Windows PowerShell (during the VPN session)

    nslookup

    You'll get the IPv4 address of your corporate nameserver. Copy this address.

  2. Disable resolv.conf generation in WSL:

    sudo nano /etc/wsl.conf

    Copy this text to the file (to disable resolv.conf generation when WSL starts up):

    [network]
    generateResolvConf = false

  3. In WSL, add your corporate nameserver to resolv.conf:

    sudo nano /etc/resolv.conf

    Remove other entries and add your corporate nameserver IP (if you have a secondary nameserver, add it on a separate line)

    • nameserver X.X.X.X (where X.X.X.X is your address obtained in step 1)

  4. Set your VPN adapter (if you have Cisco AnyConnect); open an admin PowerShell

    • Find out your VPN adapter name: Get-NetIPInterface (in my case: "Cisco AnyConnect")
    • Set the adapter metric (replace -Match with your name); in my case I have to run this after every reboot or VPN reconnect:

    Get-NetAdapter | Where-Object {$_.InterfaceDescription -Match "Cisco AnyConnect"} | Set-NetIPInterface -InterfaceMetric 6000

    (What is the interface metric: used to determine the route; Windows uses the interface with the lowest metric)

  5. Restart wsl in powershell: wsl.exe --shutdown

  6. Test it in wsl run: wget google.com - if this command works, you are done.

In my case I get DNS issues when I try to connect to internal stuff via browser (on Windows 10, e.g. the intranet), caused by the high metric value set in step 4 (basically kind of disabling the VPN route). So here is the workaround for the workaround:

  1. Check your default metric (of the VPN's interface) in PowerShell (replace -Match with your interface name)

    Get-NetAdapter | Where-Object {$_.InterfaceDescription -Match "Cisco AnyConnect"} | Get-NetIPInterface

  2. When running into problems on Windows 10, restore this default value with an admin PowerShell (replace the value at the end with your default value):

    Get-NetAdapter | Where-Object {$_.InterfaceDescription -Match "Cisco AnyConnect"} | Set-NetIPInterface -InterfaceMetric 1

kraego answered Sep 22 '22 18:09
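
Added example, not part of the answer above: shell functions for the WSL-side steps 2 and 3 that set `generateResolvConf = false` without discarding other `wsl.conf` settings and refuse to write anything that is not an IPv4 address into `resolv.conf`. The function names are hypothetical, the file paths are arguments so the functions can be tried on copies, and replacing a symlinked `resolv.conf` with a regular file is an assumption about how the distribution ships that file.

```shell
#!/bin/sh
# Added example (not from the answer): WSL-side steps 2 and 3 as functions.
# Function names are hypothetical; paths are arguments so copies can be used.

# valid_ipv4 ADDR: succeeds only for a dotted quad with octets 0..255.
valid_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

# set_generate_resolv_conf_false FILE: force generateResolvConf = false in
# the [network] section, keeping every other section and key as it is.
set_generate_resolv_conf_false() {
    conf=$1
    [ -f "$conf" ] || : > "$conf"
    tmp=$(mktemp) || return 1
    awk '
        /^[ \t]*\[/ {
            in_net = ($0 ~ /^[ \t]*\[network\]/)
            print
            if (in_net && !done) { print "generateResolvConf = false"; done = 1 }
            next
        }
        in_net && /^[ \t]*generateResolvConf[ \t]*=/ { next }  # drop old value
        { print }
        END { if (!done) { print "[network]"; print "generateResolvConf = false" } }
    ' "$conf" > "$tmp" && cat "$tmp" > "$conf"
    rc=$?
    rm -f "$tmp"
    return "$rc"
}

# write_resolv_conf FILE NAMESERVER...: validate every address, then write.
write_resolv_conf() {
    target=$1; shift
    [ "$#" -ge 1 ] || { echo "need at least one nameserver" >&2; return 1; }
    for ns in "$@"; do
        valid_ipv4 "$ns" || { echo "not an IPv4 address: $ns" >&2; return 1; }
    done
    # Assumption: a symlinked resolv.conf points at the generated file, so it
    # is replaced by a regular file instead of being written through.
    if [ -L "$target" ]; then rm -f "$target"; fi
    for ns in "$@"; do printf 'nameserver %s\n' "$ns"; done > "$target"
}
```

Run as root inside WSL against `/etc/wsl.conf` and `/etc/resolv.conf`, passing the address obtained in step 1, then restart WSL as in step 5.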


This worked for me.

How AnyConnect v4.9 breaks it: It adds a route for WSL2 with a low metric of 2, lower than 5256, which causes the VPN to become the chosen route, and of course that will never work, as seen below.

    c:> route.exe print

Note: "172.17.228.192 255.255.255.240" is the WSL2 destination subnet.

    172.17.228.192  255.255.255.240  On-link     172.17.228.193  5256
    172.17.228.192  255.255.255.240  10.255.0.1  10.255.0.71     2

This problem is solved when I change the VPN route metric to 5500, higher than 5256, by doing so: Control Panel – network – click the VPN – property – IPv4 – property, advanced – automatic metric: uncheck it and type in 5500.

source: https://riowingwp.wordpress.com/2020/12/13/anyconnect-bug/

lisandro101 answered Sep 22 '22 18:09
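
Added example, not part of the answer above: a check that scans `route.exe print` output for the condition the answer describes, a gateway route to some destination whose metric is lower than the On-link route for the same destination and netmask. The function names are hypothetical; the sample table holds the two rows quoted in the answer plus one constructed default route, and feeding it live output from inside WSL assumes Windows interop is enabled.

```shell
#!/bin/sh
# Added example (not from the answer). Function names are hypothetical.

# Reads "route.exe print" text on stdin and reports every destination/netmask
# whose gateway route has a lower metric than the On-link route for the same
# destination, which is the situation described in the answer.
find_shadowed_onlink() {
    tr -d '\r' | awk '
        # IPv4 route row: destination, netmask, gateway, interface, metric
        NF == 5 && $1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ && $5 ~ /^[0-9]+$/ {
            key = $1 " " $2
            if ($3 == "On-link") {
                if (!(key in onlink) || $5 + 0 < onlink[key]) onlink[key] = $5 + 0
            } else {
                n++; dest[n] = key; gw[n] = $3; metric[n] = $5 + 0
            }
        }
        END {
            for (i = 1; i <= n; i++)
                if ((dest[i] in onlink) && metric[i] < onlink[dest[i]])
                    printf "%s via %s metric %d < on-link metric %d\n",
                        dest[i], gw[i], metric[i], onlink[dest[i]]
        }'
}

# The two rows quoted in the answer, plus a constructed default route that has
# no On-link counterpart and must not be reported.
sample_route_table() {
    cat <<'EOF'
IPv4 Route Table
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0       10.255.0.1      10.255.0.71      2
   172.17.228.192  255.255.255.240         On-link    172.17.228.193   5256
   172.17.228.192  255.255.255.240       10.255.0.1      10.255.0.71      2
EOF
}

sample_route_table | find_shadowed_onlink
```

An empty result after raising the VPN metric above the On-link metric means no gateway route outranks the WSL2 subnet any more.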


There is an issue with VPN integration in WSL running on my Windows 10. You need to redirect WSL to VPN, please follow these steps:

STEP-1: Obtain the DNS address from Windows PowerShell

    >nslookup
    Servidor predeterminado:  yyyy.com
    Address:  x.x.x.x

or

    >ipconfig /all

STEP-2: Open Ubuntu-20.04 Version 2 WSL and open /etc/resolv.conf

STEP-3: Modify /etc/resolv.conf. Add the VPN address in the first position (I deleted the other addresses but it is not necessary), save the file, and try to access again. My file looks like:

    nameserver X.X.X.X

Roro pb answered Sep 20 '22 18:09