Comments (8)
Great, I'm glad it's working for you now. Since using the vpnkit.exe
in the Docker for Windows folder solves the issue, I believe your VPN configuration or firewall has rules to allow/deny requests based on the executable name and/or location.
One downside with using vpnkit.exe
instead of the renamed wsl-vpnkit.exe
is that Docker for Windows will kill all vpnkit.exe
processes whenever you stop/restart it, which will require you to restart wsl-vpnkit
.
from wsl-vpnkit.
@kingsumos can you try running sudo VPNKIT_DEBUG=1 ./wsl-vpnkit
with the script in the debug-option
branch?
from wsl-vpnkit.
Trying a SSH throws a permission denied error:
(this is why we have a RST)
`wsl-vpnkit.exe: [DEBUG] received
f6 16 36 bc f9 c6 02 50 00 00 00 01 08 00 45 00
00 4b ba 96 40 00 40 11 78 b6 c0 a8 43 03 c0 a8
43 01 8e e5 00 35 00 37 c1 80 8e 5c 01 00 00 01
00 00 00 00 00 00 08 67 72 61 74 67 6c 30 31 03
64 65 76 0c 67 6c 6f 62 61 6c 2d 69 6e 74 72 61
03 6e 65 74 00 00 01 00 01
wsl-vpnkit.exe: [DEBUG] received
f6 16 36 bc f9 c6 02 50 00 00 00 01 08 00 45 00
00 4b ba 97 40 00 40 11 78 b5 c0 a8 43 03 c0 a8
43 01 8e e5 00 35 00 37 68 79 cc 63 01 00 00 01
00 00 00 00 00 00 08 67 72 61 74 67 6c 30 31 03
64 65 76 0c 67 6c 6f 62 61 6c 2d 69 6e 74 72 61
03 6e 65 74 00 00 1c 00 01
wsl-vpnkit.exe: [DEBUG] sending
02 50 00 00 00 01 f6 16 36 bc f9 c6 08 00 45 00
00 5b 8a 09 00 00 26 11 03 34 c0 a8 43 01 c0 a8
43 03
00 35 8e e5 00 47 f6 97
8e 5c 81 80 00 01 00 01 00 00 00 00 08 67 72 61
74 67 6c 30 31 03 64 65 76 0c 67 6c 6f 62 61 6c
2d 69 6e 74 72 61 03 6e 65 74 00 00 01 00 01 c0
0c 00 01 00 01 00 00 00 00 00 04 0a 72 7c c5
wsl-vpnkit.exe: [DEBUG] sending
02 50 00 00 00 01 f6 16 36 bc f9 c6 08 00 45 00
00 4b b0 37 00 00 26 11 dd 15 c0 a8 43 01 c0 a8
43 03
00 35 8e e5 00 37 e7 f5
cc 63 81 83 00 01 00 00 00 00 00 00 08 67 72 61
74 67 6c 30 31 03 64 65 76 0c 67 6c 6f 62 61 6c
2d 69 6e 74 72 61 03 6e 65 74 00 00 1c 00 01
wsl-vpnkit.exe: [DEBUG] received
f6 16 36 bc f9 c6 02 50 00 00 00 01 08 00 45 00
00 3c d8 e3 40 00 40 06 d6 f5 c0 a8 43 03 0a 72
7c c5 b8 08 00 16 d5 e1 5d 1a 00 00 00 00 a0 02
fa f0 0a 7b 00 00 02 04 05 b4 04 02 08 0a 2d 76
9f 20 00 00 00 00 01 03 03 07
wsl-vpnkit.exe: [DEBUG] 10.114.124.197:22: failed to connect, sending RST: Socket.TCPv4.connect tcp:10.114.124.197:22: caught Permission denied
wsl-vpnkit.exe: [DEBUG] process-syn: [channels=0 listens=0 connects=0]
wsl-vpnkit.exe: [DEBUG] sending
02 50 00 00 00 01 f6 16 36 bc f9 c6 08 00 45 00
00 28 d9 a9 00 00 26 06 30 44 0a 72 7c c5 c0 a8
43 03 00 16 b8 08 00 00 00 00 d5 e1 5d 1b 50 14
00 00 39 d2 00 00`
For ICMP ping we have:
`wsl-vpnkit.exe: [DEBUG] using default callback for packet for 10.114.124.197
wsl-vpnkit.exe: [INFO] Connected Ethernet interface f6:16:36:bc:f9:c6
wsl-vpnkit.exe: [DEBUG] ARP: adding 10.114.124.197 -> f6:16:36:bc:f9:c6
wsl-vpnkit.exe: [INFO] UDP interface connected on 10.114.124.197
wsl-vpnkit.exe: [DEBUG] create remote TCP/IP proxy for 10.114.124.197
wsl-vpnkit.exe: [DEBUG] activating switch port for 10.114.124.197
wsl-vpnkit.exe: [DEBUG] ICMP received 192.168.67.3 -> 10.114.124.197 ttl=64 ty=8 code=0 id=277 seq=1 payload len 56
wsl-vpnkit.exe: [DEBUG] received
f6 16 36 bc f9 c6 02 50 00 00 00 01 08 00 45 00
00 54 b8 d7 40 00 40 01 f6 ee c0 a8 43 03 0a 72
7c c5 08 00 75 1b 01 15 00 02 91 03 9d 60 00 00
00 00 93 96 01 00 00 00 00 00 10 11 12 13 14 15
16 17 18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25
26 27 28 29 2a 2b 2c 2d 2e 2f 30 31 32 33 34 35
36 37
wsl-vpnkit.exe: [DEBUG] ICMP received 192.168.67.3 -> 10.114.124.197 ttl=64 ty=8 code=0 id=277 seq=2 payload len 56
wsl-vpnkit.exe: [DEBUG] received
f6 16 36 bc f9 c6 02 50 00 00 00 01 08 00 45 00
00 54 b8 f9 40 00 40 01 f6 cc c0 a8 43 03 0a 72
7c c5 08 00 bf 7d 01 15 00 03 92 03 9d 60 00 00
00 00 47 33 02 00 00 00 00 00 10 11 12 13 14 15
16 17 18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25
26 27 28 29 2a 2b 2c 2d 2e 2f 30 31 32 33 34 35
36 37
wsl-vpnkit.exe: [DEBUG] ICMP received 192.168.67.3 -> 10.114.124.197 ttl=64 ty=8 code=0 id=277 seq=3 payload len 56
wsl-vpnkit.exe: [DEBUG] received
f6 16 36 bc f9 c6 02 50 00 00 00 01 08 00 45 00
00 54 b9 44 40 00 40 01 f6 81 c0 a8 43 03 0a 72
7c c5 08 00 54 e0 01 15 00 04 93 03 9d 60 00 00
00 00 b0 cf 02 00 00 00 00 00 10 11 12 13 14 15
16 17 18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25
26 27 28 29 2a 2b 2c 2d 2e 2f 30 31 32 33 34 35
36 37`
from wsl-vpnkit.
Since you mentioned that SSH inside a Docker container works fine, can you do a pull on the debug-option
branch and try:
sudo VPNKIT_DEBUG=1 VPNKIT_PATH='/mnt/c/Program Files/Docker/Docker/resources/vpnkit.exe' ./wsl-vpnkit
from wsl-vpnkit.
It works like a charm!
Not sure why the standard method of installation doesn't works, maybe the "Permission Denied" is related to Windows Firewall?
But anyway... I'm very happy with this solution, thanks for the support!
from wsl-vpnkit.
Hi @sakai135,
I have tried to manually add Windows Firewall rules to allow "wsl-vpnkit.exe" inband/outband traffic. But unfortunately this doesn't helps. Also, looks like there's no such rules to deny the requests.. something else is blocking the "wsl-vpnkit.exe" process.
Does this process really uses the Windows sockets for communication, or only the PIPE is being used? This because when I open the Windows Resource Monitor I see no socket being used (i.e. listening ports or TCP connections)... or it's using UDP or either RAW sockets? Basically I want to understand why we have such "Permission denied" errors in other to find a better fix for this issue.
The main problem of using Docker Desktop vpnkit.exe's are the recent docker license changes... I don't want to use Docker Desktop anymore.
Best regards,
Sumo
from wsl-vpnkit.
@kingsumos PIPE is used for communication between WSL2 and wsl-vpnkit.exe
. wsl-vpnkit.exe
then acts as a client to relay the request/response to the destination. wsl-vpnkit.exe
does not listen on any ports.
Have you tried placing wsl-vpnkit.exe
inside C:\Program Files\somefolder
? You could also uninstall Docker Desktop and then place vpnkit.exe
in the same location. Check if there are any logs from your VPN client which may show any VPN policies that are blocking the requests.
from wsl-vpnkit.
I have tried placing vpnkit in "C:\Program Files\vpnkit\wsl-vpnkit.exe" and it works!
e.g.:
sudo VPNKIT_PATH='/mnt/c/Program Files/vpnkit/wsl-vpnkit.exe' ./wsl-vpnkit
Meanwhile I'm checking if there are any logs from my VPN client (Pulse Secure)... Funny, everything works when using "C:\Program Files", no firewall rules needed also...
Thanks for your support @sakai135 !
from wsl-vpnkit.
Related Issues (20)
- cannot add network services: listen tcp 127.0.0.1:2222: bind: An attempt was made to access a socket in a way forbidden by its access permissions. HOT 6
- request - new version release as upstream gvproxy now supports more DNS record types
- request - ipv6 support
- Patch for 0.4.1's systemd service stopped working
- Intermittently losing network connectivity - "Exception 0xc0000006" and "cannot read size from socket: EOF"
- resolution of host.internal variable HOT 1
- Systemd setup prevents wsl.exe from running
- How does WSL2 2.0.0 interact with wsl-vpnkit? HOT 17
- open capture.pcap: Access is denied HOT 1
- Lost access to WSL service from Windows when connected to VPN
- wsl-vpnkit has a undocumented effect on a distro once systemd is enabled, full uninstall info needed
- bind: An attempt was made to access a socket in a way forbidden by its access permissions.
- Any known issues with wsl-vpnkit and wsl 2.0.5? HOT 30
- Resolving interop-issue while running wsl-vpnkit as a systemd-service in own wsl-distro HOT 12
- Running wsl-vpnkit 0.4.1 works fine, but cannot make it run under systemctl HOT 17
- wsl-vpnkit and wsl 2.0.14 HOT 4
- WSL2 September 2023 allows for Mirrored Networking Mode HOT 3
- Subnet 192.168.100.0/24 ping responds always when wsl-vpnkit distro is running
- Reverse lookup does not work
- ping fail error
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from wsl-vpnkit.