2271283 – Unable to connect to institution's websites via VPN when connecting to its WPA2-Enterprise network

Bug 2271283 - Unable to connect to institution's websites via VPN when connecting to its WPA2-Enterprise network

Summary: Unable to connect to institution's websites via VPN when connecting to its WP...

Keywords:
Status:	NEW
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	NetworkManager
Sub Component:
Version:	39
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	medium
Target Milestone:	---
Assignee:	Lubomir Rintel
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2024-03-24 14:44 UTC by gxq1f5dh
Modified:	2024-04-01 06:30 UTC (History)
CC List:	10 users (show)
Fixed In Version:
Doc Type:	---
Doc Text:
Clone Of:
Environment:
Last Closed:
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description gxq1f5dh 2024-03-24 14:44:29 UTC

I have only ever experienced this with my university's eduroam network. With a VPN enabled, I can connect to any website I choose except for those containing the university's domain name (e.g. it.university.edu, med.university.edu, law.university.edu). It doesn't matter if I launch a browser in split tunneling mode - it still doesn't connect. It just gives an error that it’s unable to connect.

The VPN has to be completely disabled in order to connect to one of these university.edu websites from the eduroam network. Also, I can connect to these websites just fine using Mullvad if I'm on any other wifi network, which means it's not simple ip address blocking. I have replicated this issue on all recent versions of Pop!_OS including 21.04, 21.10, and 22.04, and fedora 38 and 39. Like I said in my previous post, I have replicated this issue with Mullvad and iVPN, though it's been some time since I have tried iVPN.

Notably, this issue is not present at all on iOS or Android. I can even use my Pixel 6a phone running GrapheneOS to connect to the eduroam network, create a hotspot extending the network to my linux laptop, have mullvad enabled on both devices, and suddenly I'm able to connect to university.edu just fine.

Apparently, according to some email correspondence I had with Mullvad support, I was able to resolve the issue a couple years ago by not using the Mullvad app and following these instructions (https://mullvad.net/it/help/linux-openvpn-installation) instead, but I think I switched back to the app because I missed some of the functionality it offered.

This issue has also been replicated by another user on Silverblue (https://discussion.fedoraproject.org/t/silverblue-38-unable-to-visit-university-websites-when-connecting-to-its-wpa2-enterprise-wifi-on-vpn/81725). There is a workaround (using the SOCKS5 proxy), but it would be very nice to have a real fix.

Reproducible: Always

Steps to Reproduce:
1. Connect to my university's wifi network
2. Connect to the VPN app
3. Attempt to connect to my university's website
Actual Results:
Error - unable to connect

Expected Results:
Connected to the website

https://discussion.fedoraproject.org/t/silverblue-38-unable-to-visit-university-websites-when-connecting-to-its-wpa2-enterprise-wifi-on-vpn/81725

https://github.com/mullvad/mullvadvpn-app/issues/4633

Comment 1 groguko36 2024-04-01 06:30:25 UTC

Related: https://bugzilla.redhat.com/show_bug.cgi?id=2196615

Note You need to log in before you can comment on or make changes to this bug.