Day: December 12, 2021

Ping fails but nslookup works in MacOS

Ping fails but nslookup works

When performing nslookup, the IP address is returned, but ping returns the following error:

ping: cannot resolve <hostname>: Unknown host

Causes

Second DNS server issue

The second DNS server isn't resolving the IP address.

Another DHCP server issue

Another DHCP server on the network provides a different DNS server.

Fix

killall -HUP mDNSResponder

References

DNS lookup fails but nslookup works

Install OpenVPN client in ubuntu

Since PPTP may not be available, OpenVPN can be a good choice.

Packages

apt install openvpn

Configuration file

The configuration file should be downloaded from the OpenVPN server.

Test

openvpn --config client.ovpn

Enable option

In /etc/default/openvpn, enable the following line:

AUTOSTART="all"

Copy config file

cp client.ovpn /etc/openvpn/client.conf

Note: the file name must be client.conf, because the openvpn@client unit loads /etc/openvpn/client.conf.

Enable password (Optional)

In client.conf, change the line auth-user-pass to auth-user-pass pass.

Then put the account credentials in the pass file (/etc/openvpn/pass; username on the first line, password on the second) and restrict its permissions:

chmod 400 /etc/openvpn/pass

Enable service

systemctl enable openvpn@client.service
systemctl daemon-reload
systemctl start openvpn@client

References

Linux - Autostart OpenVPN in systemd (Ubuntu)

Configure PPTP in Ubuntu

Install packages

apt-get install pptp-linux

Configure password

vi /etc/ppp/chap-secrets

The format is:

pptpuser    PPTP    pptppassword    *

Create route script

Create the file /etc/ppp/ip-up.d/route-traffic with the following content:

#!/bin/bash
# Route the remote network through the PPTP interface once the link is up.
# Adjust the network/prefix to your VPN's LAN; the prefix must match the network address.
route add -net 192.168.1.0/8 dev ppp0

Change mode to executable

chmod +x /etc/ppp/ip-up.d/route-traffic

Create dial-up configuration

The file name is the connection name, e.g. /etc/ppp/peers/<CONNECTION>:

pty "pptp <HOST> --nolaunchpppd"
name <USER>
remotename PPTP
require-mppe-128
file /etc/ppp/options.pptp
ipparam <CONNECTION>

Open firewall

iptables -A INPUT -i pptp -j ACCEPT
iptables -A OUTPUT -o pptp -j ACCEPT

Connect and disconnect

pon <CONNECTION>
poff <CONNECTION>

Troubleshooting

If PPTP Passthrough is not configured on your NAT device, PPTP will fail.

PPTP uses a TCP channel on port 1723 for control and the GRE protocol to encapsulate data and create a VPN tunnel. The issue isn't really PPTP itself but GRE; GRE doesn't use ports. Since NAT requires that the connection use an IP address and port number, it doesn't work with GRE. This is what PPTP Passthrough addresses.

References

Set up Linux PPTP Client from the Terminal
Connect to PPTP server via command line on Ubuntu
pptp - 'Administrative Shutdown'. Error code is 0, Cause code is 0

Troubleshooting Hashicorp Vault SSH Certificate Login

If you cannot log in via SSH, you can normally pass -vvv to the SSH client command to debug, but the output can be very long to read.

Another way is to run systemctl status sshd on the server side to check the error.

For example, the output of systemctl status sshd contains the following lines:

Dec 12 00:40:37 example-host systemd[1]: Started OpenBSD Secure Shell server.
Dec 12 00:40:54 example-host sshd[22712]: error: Certificate invalid: expired
Dec 12 00:40:54 example-host sshd[22712]: Connection closed by authenticating user ubuntu 101.78.78.154 port 53369 [preauth]
Dec 12 00:41:12 example-host sshd[22716]: error: Certificate invalid: name is not a listed principal
Dec 12 00:41:12 example-host sshd[22716]: Connection closed by authenticating user ubuntu 101.78.78.154 port 53372 [preauth]

The first error shows that the Vault-signed certificate on the client side has expired; rerun the vault command to regenerate a signed certificate.

The second error shows that the user name used on the client is not listed as a principal in the Vault-signed certificate, so use the correct user name or configure a new role in Vault.
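As an added example (not part of the original post), the following script turns the sshd journal lines above into structured findings: it pairs each "Certificate invalid" error with the "Connection closed" line of the same sshd process id, and maps the two reasons the post explains to the matching fix. The sample log is constructed from the lines quoted above; the remediation strings are my wording, not Vault or OpenSSH output.

```python
import re
from typing import Dict, List

# Constructed sample input: the sshd journal lines quoted in the post above.
SAMPLE_LOG = """\
Dec 12 00:40:37 example-host systemd[1]: Started OpenBSD Secure Shell server.
Dec 12 00:40:54 example-host sshd[22712]: error: Certificate invalid: expired
Dec 12 00:40:54 example-host sshd[22712]: Connection closed by authenticating user ubuntu 101.78.78.154 port 53369 [preauth]
Dec 12 00:41:12 example-host sshd[22716]: error: Certificate invalid: name is not a listed principal
Dec 12 00:41:12 example-host sshd[22716]: Connection closed by authenticating user ubuntu 101.78.78.154 port 53372 [preauth]
"""

# Journal prefix as shown by systemctl status: "Mon DD HH:MM:SS host sshd[pid]: message"
SSHD_LINE = re.compile(r"^(?P<ts>\w{3} +\d+ [\d:]+) \S+ sshd\[(?P<pid>\d+)\]: (?P<msg>.*)$")
CERT_ERR = re.compile(r"^error: Certificate invalid: (?P<reason>.+)$")
CLOSED = re.compile(r"^Connection closed by authenticating user (?P<user>\S+) (?P<src>\S+) port (?P<port>\d+)")

# Remediation for the two reasons the post explains; other reasons fall back to inspecting the cert.
REMEDIATION = {
    "expired": "certificate expired: re-run the vault sign command to get a fresh certificate",
    "name is not a listed principal": "login user is not a certificate principal: use a listed principal or adjust the Vault role",
}
FALLBACK = "inspect the certificate with ssh-keygen -L -f <cert>"

def parse_cert_failures(log: str) -> List[dict]:
    """Pair each 'Certificate invalid' error with the 'Connection closed' line of the same sshd pid."""
    # sshd forks one process per connection, so the pid correlates the two lines of one attempt.
    open_failures: Dict[str, dict] = {}
    results: List[dict] = []
    for line in log.splitlines():
        m = SSHD_LINE.match(line)
        if not m:  # systemd and other non-sshd lines are ignored
            continue
        pid, msg = m.group("pid"), m.group("msg")
        if err := CERT_ERR.match(msg):
            reason = err.group("reason")
            rec = {"ts": m.group("ts"), "pid": pid, "reason": reason, "user": None,
                   "src": None, "port": None, "fix": REMEDIATION.get(reason, FALLBACK)}
            open_failures[pid] = rec
            results.append(rec)
        elif (closed := CLOSED.match(msg)) and pid in open_failures:
            rec = open_failures.pop(pid)
            rec.update(user=closed.group("user"), src=closed.group("src"), port=closed.group("port"))
    return results

if __name__ == "__main__":
    for r in parse_cert_failures(SAMPLE_LOG):
        print(f'{r["ts"]} pid={r["pid"]} user={r["user"]} from={r["src"]}: {r["fix"]}')
```

Feed it the output of journalctl -u ssh (or systemctl status sshd) to get one record per failed certificate login instead of reading the raw log.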