Ajuda com VPN e conflito de rede

raphaeldev
(usa Ubuntu)

Enviado em 19/06/2022 - 13:40h

Boa tarde, estou tendo problemas em navegar em uma VPN corporativa que uso no trabalho e eles não oferecem suporte a linux, queria uma ajuda dos colegas pois acho que seja simples de resolver.
Vamos la... a conexão eh realizada pelo SonicWall NetExtend e ocorre tranquilamente, porem ao tentar navegar em duas paginas da intranet que são fundamentais, fica carregando e não abre... olhando meu endereçamento IP na VPN notei que o servidor me atribuiu o endereço 172.17.X.X, as paginas internas que se encontra nessa faixa de IP eu navego normalmente, já os sites internos que eu navego em faixa de IP diferente, não carrega e esses dois sites que preciso são justamente na faixa 10.X.X.X. Olhando a tabela de sub-redes notei que a faixa 10.X.X.X eh atribuída pelo app do netExtend.
Minha duvida eh se preciso mudar alguma configuração interna para ser permitido eu acessar ou se eh algo no server e preciso, talvez alguma regra de segurança da tabela de reteamento ou sei la, kkkk não entendo muito de redes então fico de mãos atadas sem ter um norte.

Meu sistema base eh Ubuntu 22.04, mas posso usar qualquer um que funcione a rede, ja a saida do App da SonicWall eh essa:


---------------------------------------------------------------------------------------------------
Login successful.
Version header not found
WireGuard is not capable, root permission is required.
SSL Connection is ready
Using SSL Encryption Cipher 'ECDHE-RSA-AES256-GCM-SHA384'
Using new PPP frame encoding mechanism
Using PPP async mode (chosen by server)
Connecting tunnel...
Client IP Address: 173.27.10.201
You now have access to the following 24 remote networks:
172.16.0.0/255.255.252.0
172.17.0.0/255.255.248.0
10.0.0.0/255.0.0.0
172.17.100.0/255.255.254.0
172.17.8.0/255.255.248.0
172.17.105.0/255.255.255.0
172.17.115.0/255.255.255.0
172.17.120.0/255.255.255.0
172.17.125.0/255.255.255.0
172.17.130.0/255.255.255.0
172.17.135.0/255.255.255.0
172.17.140.0/255.255.254.0
172.17.145.0/255.255.255.0
172.17.200.0/255.255.255.0
172.17.205.0/255.255.255.0
172.17.210.0/255.255.255.0
172.17.215.0/255.255.255.0
172.17.220.0/255.255.255.0
172.17.225.0/255.255.255.0
172.17.230.0/255.255.255.0
172.17.235.0/255.255.255.0
172.17.240.0/255.255.254.0
172.17.245.0/255.255.255.0
172.18.0.0/255.255.248.0
NetExtender connected successfully.
Ctrl-C to disconnect...
----------------------------------------------------------------------------------------------

desculpe pelo texto enorme |:-) se alguem puder dar um Help!!!! Agradeço muito..

Carlos_Cunha
(usa Linux Mint)

Enviado em 20/06/2022 - 11:47h

Desconecte da vpn e execute e cole a saída aqui:

ip a

ip r

 

Conecte na vpn , e execute e cole a saída aqui:

ip a

ip r

 

#-------------------------------------------------------------------------------------#
"Falar é fácil, me mostre o código." - Linus Torvalds
#-------------------------------------------------------------------------------------#

raphaeldev
(usa Ubuntu)

Enviado em 23/06/2022 - 20:20h

-------------------------------------------------------------------------------------------------------------------------------------------------------------

Sem VPN

raphael@raphael-sang:~$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp4s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000
link/ether 98:83:89:71:84:5a brd ff:ff:ff:ff:ff:ff
3: wlp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 64:6e:69:65:8b:2f brd ff:ff:ff:ff:ff:ff
inet 192.168.0.19/24 brd 192.168.0.255 scope global dynamic noprefixroute wlp3s0
valid_lft 82937sec preferred_lft 82937sec
inet6 2804:14d:4e83:4cc6:4eb3:9737:fc7f:840d/64 scope global temporary dynamic
valid_lft 83229sec preferred_lft 68829sec
inet6 2804:14d:4e83:4cc6:192e:3e22:b688:1afa/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 83229sec preferred_lft 68829sec
inet6 2804:14d:4e83:4cc6::1001/128 scope global dynamic noprefixroute
valid_lft 82937sec preferred_lft 82937sec
inet6 2804:14d:4e83:4cc6:fa0e:65fc:686b:8dc3/64 scope global temporary dynamic
valid_lft 82938sec preferred_lft 68538sec
inet6 fe80::7ff1:50ac:f430:9ac4/64 scope link noprefixroute
valid_lft forever preferred_lft forever
raphael@raphael-sang:~$ ip r
default via 192.168.0.1 dev wlp3s0 proto dhcp metric 600
169.254.0.0/16 dev wlp3s0 scope link metric 1000
192.168.0.0/24 dev wlp3s0 proto kernel scope link src 192.168.0.19 metric 600
raphael@raphael-sang:~$

com VPN


raphael@raphael-sang:~$ ip a
\1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp4s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000
link/ether 98:83:89:71:84:5a brd ff:ff:ff:ff:ff:ff
3: wlp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 64:6e:69:65:8b:2f brd ff:ff:ff:ff:ff:ff
inet 192.168.0.19/24 brd 192.168.0.255 scope global dynamic noprefixroute wlp3s0
valid_lft 82794sec preferred_lft 82794sec
inet6 2804:14d:4e83:4cc6:4eb3:9737:fc7f:840d/64 scope global temporary dynamic
valid_lft 83086sec preferred_lft 68686sec
inet6 2804:14d:4e83:4cc6:192e:3e22:b688:1afa/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 83086sec preferred_lft 68686sec
inet6 2804:14d:4e83:4cc6::1001/128 scope global dynamic noprefixroute
valid_lft 82794sec preferred_lft 82794sec
inet6 2804:14d:4e83:4cc6:fa0e:65fc:686b:8dc3/64 scope global temporary dynamic
valid_lft 82795sec preferred_lft 68395sec
inet6 fe80::7ff1:50ac:f430:9ac4/64 scope link noprefixroute
valid_lft forever preferred_lft forever
4: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qdisc fq_codel state UNKNOWN group default qlen 3
link/ppp
inet 173.27.10.201 peer 192.0.2.1/32 scope global ppp0
valid_lft forever preferred_lft forever
raphael@raphael-sang:~$ ip r
default via 192.168.0.1 dev wlp3s0 proto dhcp metric 600
10.0.0.0/8 via 173.27.10.201 dev ppp0
169.254.0.0/16 dev wlp3s0 scope link metric 1000
172.16.0.0/22 via 173.27.10.201 dev ppp0
172.17.0.0/21 via 173.27.10.201 dev ppp0
172.17.8.0/21 via 173.27.10.201 dev ppp0
172.17.100.0/23 via 173.27.10.201 dev ppp0
172.17.105.0/24 via 173.27.10.201 dev ppp0
172.17.115.0/24 via 173.27.10.201 dev ppp0
172.17.120.0/24 via 173.27.10.201 dev ppp0
172.17.125.0/24 via 173.27.10.201 dev ppp0
172.17.130.0/24 via 173.27.10.201 dev ppp0
172.17.135.0/24 via 173.27.10.201 dev ppp0
172.17.140.0/23 via 173.27.10.201 dev ppp0
172.17.145.0/24 via 173.27.10.201 dev ppp0
172.17.200.0/24 via 173.27.10.201 dev ppp0
172.17.205.0/24 via 173.27.10.201 dev ppp0
172.17.210.0/24 via 173.27.10.201 dev ppp0
172.17.215.0/24 via 173.27.10.201 dev ppp0
172.17.220.0/24 via 173.27.10.201 dev ppp0
172.17.225.0/24 via 173.27.10.201 dev ppp0
172.17.230.0/24 via 173.27.10.201 dev ppp0
172.17.235.0/24 via 173.27.10.201 dev ppp0
172.17.240.0/23 via 173.27.10.201 dev ppp0
172.17.245.0/24 via 173.27.10.201 dev ppp0
172.18.0.0/21 via 173.27.10.201 dev ppp0
192.0.2.1 dev ppp0 proto kernel scope link src 173.27.10.201
192.168.0.0/24 dev wlp3s0 proto kernel scope link src 192.168.0.19 met92.168.0.1 dev wlp3s0 scope link
200.144.28.250 via 192.168.0.1 dev wlp3s0


Porem nessa maquina funcionou, mas no meu Chromebook (com custom bios e usando linux full) não havia funcionado, ai por curiosidade eu clonei meu Ubuntu do Notebook convencional para ele e por bizarro que pareca funcionou lol...
Eu não sei ao certo o motivo, mas imagino que seja algo relacionado a placa de rede pois ele não possui uma placa de rede convencional e provavelmente algum pacote deixa de ser instalado por padrão....

O problema esta Solucionado, mas agradeço a ajuda do amigo, caso possa explicar o que aconteceu talvez sirva para um futuro problema de algum Pinguim :-)