Security


Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

Windows 10 2004 breaks VIA DNS on split tunnel

  • 1.  Windows 10 2004 breaks VIA DNS on split tunnel

    Posted Aug 21, 2020 09:16 AM

    Well, the title pretty much sums it up.

    When using VIA 4.0 on Windows 10 May 2020 edition (2004), the DNS server entry from VIA is no longer pushed to the top. So, if you are in a split tunnel environment, your DNS lookups will continue to go to your workstation's configured DNS. In our case, this makes all internal-only addresses unresolvable.

    Yes, this is a Windows problem. Yes, I'm opening a TAC case to report it. Just dropping it here in case anyone else might benefit.



  • 2.  RE: Windows 10 2004 breaks VIA DNS on split tunnel

    EMPLOYEE
    Posted Aug 21, 2020 09:20 AM

    I don't see the same issue.  Please report what they find.



  • 3.  RE: Windows 10 2004 breaks VIA DNS on split tunnel
    Best Answer

    Posted Aug 29, 2020 08:34 AM

    I finally got a chance to try replicating this and it turns out the problem was not specific to the Windows version, but rather the way I was testing.

    I'll save you the gory details, but in a nutshell the Windows resolver libraries (used by browsers, ping, etc.) do get the new DNS server added properly.

    However, nslookup, dig, etc. have their own resolver code, and do not use the Windows libraries. So it appears that the new DNS server is injected into the list used by the Windows libraries, but is not seen by other resolvers.
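
To check the behaviour described in the last post on a split-tunnel client, the following added example (not part of the thread and not Aruba's code) compares the answer from the Windows DNS client with what `nslookup` reports for the same name. The host name is a hypothetical placeholder, and the `nslookup` parsing assumes English-language output.

```powershell
# Added example. $Name is a hypothetical internal-only host name; replace it
# with a name that only the DNS server pushed by the VPN client can resolve.
param([string]$Name = 'intranet.corp.example')

# 1. DNS servers configured per connected interface, lowest metric first.
Get-NetIPInterface -AddressFamily IPv4 -ConnectionState Connected |
    Sort-Object InterfaceMetric |
    ForEach-Object {
        $dns = (Get-DnsClientServerAddress -InterfaceIndex $_.ifIndex `
                    -AddressFamily IPv4).ServerAddresses
        [pscustomobject]@{
            Interface  = $_.InterfaceAlias
            Metric     = $_.InterfaceMetric
            DnsServers = $dns -join ', '
        }
    } | Format-Table -AutoSize

# 2. Windows DNS client path. -DnsOnly skips LLMNR and NetBIOS so that only
#    DNS is tested.
$os = try {
    (Resolve-DnsName -Name $Name -Type A -DnsOnly -ErrorAction Stop |
        Where-Object { $_.Type -eq 'A' }).IPAddress
} catch { $null }

# 3. nslookup path. The first "Address:" line is the server it queried;
#    a "Name:" line only appears when an answer came back.
$raw      = & nslookup.exe $Name 2>&1 | ForEach-Object { "$_" }
$match    = $raw | Select-String '^Address:\s+(\S+)' | Select-Object -First 1
$server   = if ($match) { $match.Matches[0].Groups[1].Value } else { $null }
$answered = [bool]($raw | Select-String '^Name:\s')

# 4. Side-by-side result for the same name.
[pscustomobject]@{
    Name             = $Name
    WindowsResolver  = if ($os) { $os -join ', ' } else { 'no answer' }
    NslookupServer   = $server
    NslookupAnswered = $answered
}
```

If `WindowsResolver` returns an address while `NslookupAnswered` is false, the tunnel DNS is working for applications and the failure is limited to the test tool.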