Network Management

last person joined: 22 hours ago 

Keep an informative eye on your network with IMC and Airwave network management solutions.
Expand all | Collapse all

DNS servers not set to internal servers when using OS X Via VPn Client

  • 1.  DNS servers not set to internal servers when using OS X Via VPn Client

    Posted Mar 13, 2016 10:44 AM

    My company is using Mac VIA for VPN access of our Apple Users.

    I'm running Mac VIA on OS X ElCapitan and every time i connect to our VPN I need to manually set the DNS servers as they are not automatically set to the internal DNS servers that are required to resolve internal hosts.

    Is there anything wrong on the VPN gateway side?



  • 2.  RE: DNS servers not set to internal servers when using OS X Via VPn Client

    Posted Mar 13, 2016 11:07 AM

    You need to go to configuration> Advanced Services, VPN Services.  Under IPSEC set your primary and secondary DNS servers there.

     



  • 3.  RE: DNS servers not set to internal servers when using OS X Via VPn Client

    Posted Mar 13, 2016 11:15 AM

    Thanks for the quick reply. I will let our network admins know .

    It seems though that the setting for DNS servers on the gateway side is there as our Windows Users do not have problems with DNS. Only Mac Users have to set their DNS servers manually once they are connected to the VPN.



  • 4.  RE: DNS servers not set to internal servers when using OS X Via VPn Client

    Posted Jun 03, 2016 10:12 AM

    Hi!

     

    Did you find any solution to this? We just had our first case of this behaviour after upgrading to VIA 3.0.0.

     

    Cheers,



  • 5.  RE: DNS servers not set to internal servers when using OS X Via VPn Client

    Posted Jun 03, 2016 12:54 PM

    Christoffer,

     

    We don't see that behavior.

     

    Is split-tunneling configured or not?

     

    Have the mac user type "scutil --dns" at the commandline to ensure that they are getting the correct DNS server(s).



  • 6.  RE: DNS servers not set to internal servers when using OS X Via VPn Client

    Posted Jun 09, 2016 06:38 AM

    Hi cjoseph,

    I'm affiliated with Christoffer.


    @cjoseph wrote:

     

     

    Is split-tunneling configured or not? 

     


    Split-tunneling is configured.


    @cjoseph wrote:

     

     

    Have the mac user type "scutil --dns" at the commandline to ensure that they are getting the correct DNS server(s).


    The client's Mac machine has the correct DNS server, as follows:

    "resolver #2
    nameserver[0] : 172.16.1.10
    if_index : 10 (utun0)
    flags : Scoped, Request A records
    Reachable, Transient Connection, Connection Required, Automatic Connection On Demand"

    Note: The settings for the DNS server had to be configured manually under the Wireless Network adapter, due to no changes to the VIA connection adapter were allowed.

    I'm sorry for heading off topic, but the initial problem were raised to our knowledge when the certificate was about to expire, and the user device got re-provisioned. After the re-provisioned process, the user were prompted with the following message:

    "There is no certificate in keychain which has neagent in its ACL." 

    During the initial state, the client's Mac machine were running Mac VIA 2.0.3.72619, along with a complete certificate chain.

    Thanks in advance.





  • 7.  RE: DNS servers not set to internal servers when using OS X Via VPn Client

    Posted Jun 09, 2016 10:25 AM

    Update:
    We managed to get this sorted out by removing Mac VIA 3.0.0 from the client machine and revert back to previous version, Mac VIA 2.0.3.72619.