Network Management

Reply
New Contributor
Posts: 2
Registered: ‎03-13-2016

DNS servers not set to internal servers when using OS X Via VPn Client

My company is using Mac VIA for VPN access of our Apple Users.

I'm running Mac VIA on OS X ElCapitan and every time i connect to our VPN I need to manually set the DNS servers as they are not automatically set to the internal DNS servers that are required to resolve internal hosts.

Is there anything wrong on the VPN gateway side?

Guru Elite
Posts: 20,586
Registered: ‎03-29-2007

Re: DNS servers not set to internal servers when using OS X Via VPn Client

You need to go to configuration> Advanced Services, VPN Services.  Under IPSEC set your primary and secondary DNS servers there.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

New Contributor
Posts: 2
Registered: ‎03-13-2016

Re: DNS servers not set to internal servers when using OS X Via VPn Client

Thanks for the quick reply. I will let our network admins know .

It seems though that the setting for DNS servers on the gateway side is there as our Windows Users do not have problems with DNS. Only Mac Users have to set their DNS servers manually once they are connected to the VPN.

MVP
Posts: 301
Registered: ‎04-03-2014

Re: DNS servers not set to internal servers when using OS X Via VPn Client

Hi!

 

Did you find any solution to this? We just had our first case of this behaviour after upgrading to VIA 3.0.0.

 

Cheers,

Christoffer Jacobsson | Aranya AB
Aruba: ACMX #537 ACCP | CWNP: CWNA CWDP CWSP
Guru Elite
Posts: 20,586
Registered: ‎03-29-2007

Re: DNS servers not set to internal servers when using OS X Via VPn Client

Christoffer,

 

We don't see that behavior.

 

Is split-tunneling configured or not?

 

Have the mac user type "scutil --dns" at the commandline to ensure that they are getting the correct DNS server(s).



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

New Contributor
Posts: 2
Registered: ‎06-07-2016

Re: DNS servers not set to internal servers when using OS X Via VPn Client

[ Edited ]

Hi cjoseph,

I'm affiliated with Christoffer.


cjoseph wrote:

 

 

Is split-tunneling configured or not? 

 


Split-tunneling is configured.


cjoseph wrote:

 

 

Have the mac user type "scutil --dns" at the commandline to ensure that they are getting the correct DNS server(s).


The client's Mac machine has the correct DNS server, as follows:

"resolver #2
nameserver[0] : 172.16.1.10
if_index : 10 (utun0)
flags : Scoped, Request A records
Reachable, Transient Connection, Connection Required, Automatic Connection On Demand"

Note: The settings for the DNS server had to be configured manually under the Wireless Network adapter, due to no changes to the VIA connection adapter were allowed.

I'm sorry for heading off topic, but the initial problem were raised to our knowledge when the certificate was about to expire, and the user device got re-provisioned. After the re-provisioned process, the user were prompted with the following message:

"There is no certificate in keychain which has neagent in its ACL." 

During the initial state, the client's Mac machine were running Mac VIA 2.0.3.72619, along with a complete certificate chain.

Thanks in advance.



New Contributor
Posts: 2
Registered: ‎06-07-2016

Re: DNS servers not set to internal servers when using OS X Via VPn Client

[ Edited ]

Update:
We managed to get this sorted out by removing Mac VIA 3.0.0 from the client machine and revert back to previous version, Mac VIA 2.0.3.72619.

Search Airheads
Showing results for 
Search instead for 
Did you mean: