Ubuntu – How to prevent Juniper Network Connect breaking DNS resolutions


Juniper Network Connect has been an issue on 64bit Linux for quite sometime. I have found 2 solutions to the Java issue (Could anyone provide a step by step for getting juniper netconnect and citrix? and Running 32-bit Firefox with sun-jre in 64-bit Ubuntu) but now I am struggling with a new issue.

Network Connect makes changes directly to the /etc/resolv.conf file. This causes issues with the newer way that Ubuntu does DNS resolutions which is to point DNS to the local resolver/cacher: dnsmasq. Once NC disconnects and you change networks, e.g. go from office to home, then DNS stops working correctly.

What happens is that NC deletes the /etc/resolv.conf file which is actually symlinked to /run/resolvconf/resolv.conf. What's worse is that NC actually deletes the original file not the link. So when you try to restore the file with:

sudo ln -s /run/resolvconf/resolv.conf /etc/resolv.conf

It fails as /run/resolvconf/resolv.conf is now gone. Re-installing resolvconf does not fix it and neither does running resolvconf.

So the best way I have found so far is to first backup /run/resolvconf/resolv.conf to another location. After you disconnect NC I then run a script that removes /etc/resolv.conf, replaces the deleted /run/resolvconf/resolv.conf and then links it back to /etc again.

Does anyone know a way to avoid this or do I pretty much have he best "fix" in place already? Any way to prevent NC from breaking it in the first place?

Best Answer

First: clicking the Sign Out button in the Network Connect window (the window that shows the VPN IP while connected) and

Then clicking on the Sign Out button in the logged-in web page avoids this problem.

Please indicate in comment if this works or not.