09-01-2023
- Initial Release
The purpose of this repository is to simplify the instructions into a simple powershell and shell script fix for users. The other examples from GitHub below give instructions but not a quick shell script. Also the anyconnect.ps1 is more complex than other examples to account for connected/disconnected states for the corporate environment.
The generate_settings.sh file in this repository will setup a WSL Environment for Users that utilize Anyconnect VPN. Once the environment is setup, you can use wdf.sh to correct resolv.conf each time you connect and disconnect from your VPN Network.
git clone https://github.com/scotttyso/wsl-dns-fixIn the Last line of anyconnect.ps1 are the DNS search values I used. Modify this line to match your own search domain if desired, or leave it commented out.
#Add-Content -Path C:\Users\Public\resolv.conf -Value "search rich.ciscolabs.com cisco.com"It isn't required, but is helpful if you like to use short names like I do.
cd wsl-dns-fix
chmod 755 generate_settings.sh
sudo ./generate_settings.shOnce the Script has configured the Environment you can execute the script each time you connect and disconnect from VPN.
wdf.shYou can add this to cron and have it auto run on startup, or at given intervals, if you want but I find that since I connect and disconnect based on things I am doing, it is just more convient to execute the script when I need to.
If you run the script as sudo, the following error occurs:
tcgetpgrp failed: Not a ttyIt still works, but to eliminate the error I chose to have wdf.sh run as a regular user and prompt for sudo credentials for the resolv.conf modifications.
Trivia: The name of the script stands for WSL DNS fix, and was chosen for auto-complete/tab to be as simple as possible.
Note: You will recieve a User Account Control (UAC) prompt for the Administrative session created to modify the AnyConnect Network Interface Each time. Both Windows Administrative access + sudo access in WSL are required to perform these fixes.
If you don't have Administrative access in Windows, you can request your IT organization to deploy the anyconnect.ps1 script as an OnConnect script when AnyConnect is connected.
AnyConnect - Write and Deploy Scripts
You will still want to know the location of the script if Anyconnect doesn't auto start and you have the ability to connect and disconnect from your corporate environment. You don't need Administrative access to execute the powershell script when Anyconnect is disconnected, as the powershell script only pulls the DNS settings from the other connections and creates the resolv.conf file under the C:\Users\Public directory. sudo permissions for the wdf.sh script in WSL is always required.
And as always multiple Stack overflow Questions and Answers