ANSWERED Can't connect on regular network after disabling VPN

[torrenttorment 0]

After disabling the VPN, I can no longer connect to anything. The only way to fix it is to reenable the VPN, but I only ever intended this to be a temporary thing. My subscription runs out in a few days.

I'm on Linux Mint, using Goldcrest. I assumed the issue was network lock, but any time I try disabling it I get the same error:

$ sudo goldcrest --network-lock off

Reading run control directives from file /root/.config/goldcrest.rc
ERROR: profile off not found

I don't know what I'm doing wrong.

[Staff 9779]

9 hours ago, torrenttorment said:

I don't know what I'm doing wrong.

Hello!

Goldcrest looks for a configuration file named "off" and does not find it. This is due to Goldcrest's parser, as this particular usage is not permitted. Goldcrest, in the current command line example you gave us, needs a configuration file as a mandatory option (for example air-connect) is missing. So it finds off and considers it the name of the configuration file and not the argument of the network-lock option. We will consider to address the issue both on the program and the manual to provide more informative notes and proper error message.

Back to your problem, if you have persistent Network Lock enabled in Bluetit you can't disable it through Goldcrest: by design, some Bluetit settings can not be overridden by Goldcrest commands for security reasons (more info on the user's manual). If a system administrator needs to disable persistent network lock, root must terminate Bluetit. Just before exiting, Bluetit "disables Network Lock", i.e. it restores previous system settings and firewall rules.

DNS settings are a different, potential reason of the issue: please check your system DNS after you have terminated Bluetit and make sure that publicly reachable nameservers are set.

Kind regards
 

[torrenttorment 0]

9 hours ago, Staff said:

Just before exiting, Bluetit "disables Network Lock", i.e. it restores previous system settings and firewall rules.

I've terminated Bluetit manually, as instructed in a support email.

9 hours ago, Staff said:

DNS settings are a different, potential reason of the issue: please check your system DNS after you have terminated Bluetit and make sure that publicly reachable nameservers are set.

Just to be sure, I've set my DNS to OpenDNS instead of the default. I still cannot connect to anything without using the VPN.

I've also rebooted, in case that might solve anything, but it didn't.

In Firefox, the error is "Server Not Found", rather than not having an internet connection.

[Staff 9779]

@torrenttorment

Hello!

From your description we can't discern whether your system can't resolve names or doesn't have Internet connectivity at all. What happens for example with the following commands:
ping -c4 google.com
ping -c4 8.8.8.8

Feel free to send the whole output.

Kind regards
 

[torrenttorment 0]

1 minute ago, Staff said:

@torrenttorment

Hello!

From your description we can't discern whether your system can't resolve names or doesn't have Internet connectivity at all. What happens for example with the following commands:
ping -c4 google.com
ping -c4 8.8.8.8

Feel free to send the whole output.

Kind regards
 

$ ping -c4 google.com
ping: google.com: Name or service not known

$ ping -c4 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=116 time=15.1 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=116 time=14.1 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=116 time=13.3 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=116 time=26.0 ms

--- 8.8.8.8 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 13.341/17.147/25.977/5.137 ms

[Staff 9779]

@torrenttorment

Hello!

So you have connectivity but the system can't resolve names. Something must have gone wrong when you configured OpenDNS, please check and re-configure according to your system setup. Note: if you're running systemd-resolved (if we're not mistaken Mint distributions come pre-configured with systemd-resolved running) please see also here if necessary:
https://notes.enovision.net/linux/changing-dns-with-resolve

Kind regards
 

[torrenttorment 0]

2 hours ago, Staff said:

@torrenttorment

Hello!

So you have connectivity but the system can't resolve names. Something must have gone wrong when you configured OpenDNS, please check and re-configure according to your system setup. Note: if you're running systemd-resolved (if we're not mistaken Mint distributions come pre-configured with systemd-resolved running) please see also here if necessary:
https://notes.enovision.net/linux/changing-dns-with-resolve

Kind regards
 

When following the commands on that site, I get "systemd-resolve: command not found" or "service not found".
Setting up the DNS through the provided interface in Linux Mint (which I have changed to Cloudflare in this screenshot, because I'm trying multiple options) doesn't seem to change anything.

Everything in the /etc/systemd/resolved.conf file is commented out and all DNS options are empty. This file has a modified date of 2022, so I don't think it's related, and is probably not actually in use.

[Staff 9779]

11 hours ago, torrenttorment said:

Setting up the DNS through the provided interface in Linux Mint (which I have changed to Cloudflare in this screenshot, because I'm trying multiple options) doesn't seem to change anything.

Hello!

Please check the following guide to use resolvectl instead of the command you don't have (probably it's no more necessary) and for a more comprehensive approach:
https://www.linuxinsider.com/story/be-it-resolved-systemd-shall-serve-dns-177275.html

To understand the several systemd-resolved working modes you can also consult the documentation here:
https://www.freedesktop.org/software/systemd/man/latest/systemd-resolved.service.html

Kind regards
 

[torrenttorment 0]

10 hours ago, Staff said:

Hello!

Please check the following guide to use resolvectl instead of the command you don't have (probably it's no more necessary) and for a more comprehensive approach:
https://www.linuxinsider.com/story/be-it-resolved-systemd-shall-serve-dns-177275.html

To understand the several systemd-resolved working modes you can also consult the documentation here:
https://www.freedesktop.org/software/systemd/man/latest/systemd-resolved.service.html

Kind regards
 

The backup of resolv.conf created by the VPN was the resolv.conf the VPN had created, meaning I'd lost the original resolv.conf. I'm still working with a friend to figure out why resolv.conf isn't regenerating correctly.
After editing the nameserver field to 1.1.1.1, I'm now connected again without the VPN.

/etc/systemd/resolved.conf was not the problem, the resolv.conf created by AirVPN was.