is the next Chiquita
Join Date: Feb 2005
|
I'm trying to get my VPN to actually use DNS servers provided for the VPN but I've had no luck getting this to work.
If I allow all traffic to go through the VPN, I can then access the local resources but I don't want to do that. I want to use my default internet connection for anything that's not VPN-local resources. I've added entries to the VPN's DNS and Domain Server but that didn't seem to have any effect since whenever I try to access the resources, I get the OpenDNS page.

For some resources, I can get away with fully qualifying the address but for other resources, that won't work. Example: I can get to a network share using a FQDN of this form servername.companyname.local, but I can't use Safari to browse to an internal site with URL of sitename.companyname.local; I have to give only sitename (this is not a FQDN).

As indicated, it will work OK if I direct all traffic via the VPN but I'd really like to not do that. Windows can do that. Surely Mac OS X can do that, too.
I shot the sherrif.
|
It might be the order of your DNS servers. Does your company have an internal DNS server that you can use as the primary when connected via the VPN, rather than as the last option, or are you saying you've done that already and it didn't help?
I know occasionally when I connect to our company VPN the DNS doesn't work, but it seems like it's a 1 in 30 kind of thing, very random, and disconnecting/reconnecting will fix the issue immediately.

edit: actually, after looking at my setup, I don't specify the DNS server anywhere, but in my VPN connection I did specify the FQDN in the "search domains" field in the VPN > Advanced > DNS window.

Google is your frenemy. Caveat Emptor - Latin for tough titty. I tend to interpret things in the way that's most hilarious to me
is the next Chiquita
Join Date: Feb 2005
|
I'm sure they do have an internal DNS server. However, I basically did what you did, filling the FQDN in the "search domains" in the DNS tab for the VPN connection. That doesn't take if I clear the "Send all traffic over VPN connection" checkbox on the Option tab. If I check that one, it will work fine but I don't want that.
As an experiment, I added the company's DNS server to my Ethernet connection and put it ahead of OpenDNS. No go.
I shot the sherrif.
|
Have you tried adding their VPN server to the DNS server entry box to the left of the "Search Domains" field? I've done that in the past and had that work as well.
is the next Chiquita
Join Date: Feb 2005
|
First, I tried the VPN server's IP (which is a public IP) -- it didn't work. I then tried the private IP of the DNS server and no luck as well.
I shot the sherrif.
|
Hmm, not sure what's going on then exactly. I'm using a very similar setup to what you're describing at our office with no trouble, but then again, I'm connecting to an OSX server for our VPN, so that might have something to do with it?
I have disabled the IPv6 configuration, since a lot of stuff tries to configure it even though it's rarely set up correctly. That's about all I've got. Sorry.
is the next Chiquita
Join Date: Feb 2005
|
I'd wager the server in this case is a Windows Server so there may be something else going on. This is one of the threads I had looked at but it was about Cisco and resolved with Cisco software. However, it does seem to indicate I'm not alone in running into problems with getting DNS working correctly for both external and VPN resources.

This thread also mentions how Mac OS X seems to be fussy and mentions that Bonjour may interfere if the TLD is ".local" which is actually the case with my company's internal network. However, that was resolved by entering "local" in the search domain lists. I'm not sure if the poster meant just "local" or actually "companyname.local" but I did add "local" as a test and ruled the possibility out.

Nonetheless, I do appreciate your suggestions - it helps me to know what I should be looking at. I hope I eventually get this brain stumper resolved. I was able to squeak by using FQDN for most of the network resources such as remote connections and shared folders but internal sites can't be accessed with a FQDN.

PS: I noted I didn't do anything for IPv6 so as a test, I disabled all IPv6 for all network interfaces. Didn't help but at least it'll simplify things since as you noted, they tend to be never configured correctly. (Tangent: are we going to ever move to IPv6? It seems that everybody is staying put with IPv4, doesn't it?)
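A check for the symptom discussed in this thread, added here as an example and not posted by anyone in the thread: it parses text in the layout that macOS's `scutil --dns` prints and reports whether any unicast resolver is scoped to the internal suffix. The sample output, the addresses and the function names are constructed; when no scoped resolver exists, lookups for names under companyname.local are not directed at the company's DNS server, so internal hostnames can end up at the public resolver.

```python
import re

# Constructed sample in the layout `scutil --dns` prints on macOS; the
# addresses and the companyname.local suffix are illustrative only.
SPLIT_TUNNEL = """\
resolver #1
  search domain[0] : companyname.local
  nameserver[0] : 208.67.222.222
  if_index : 4 (en0)

resolver #2
  domain   : local
  options  : mdns
"""

# Same machine with a resolver scoped to the internal suffix (constructed).
WITH_SCOPED = SPLIT_TUNNEL + """
resolver #3
  domain   : companyname.local
  nameserver[0] : 10.0.0.53
"""

def parse_resolvers(text):
    """Return one dict per 'resolver #N' block."""
    resolvers = []
    for raw in text.splitlines():
        line = raw.strip()
        if re.fullmatch(r"resolver #\d+", line):
            resolvers.append({"domain": None, "nameservers": [], "mdns": False})
        elif resolvers and ":" in line:
            # Split on the first colon only so IPv6 addresses stay intact.
            key, value = (part.strip() for part in line.split(":", 1))
            if key == "domain":  # 'search domain[0]' is a different key
                resolvers[-1]["domain"] = value.lower()
            elif key.startswith("nameserver["):
                resolvers[-1]["nameservers"].append(value)
            elif key == "options" and "mdns" in value.split():
                resolvers[-1]["mdns"] = True
    return resolvers

def scoped_unicast(name, resolvers):
    """Nameservers of non-mDNS resolvers whose domain is a suffix of name."""
    name = name.lower().rstrip(".")
    return [ns for r in resolvers
            if r["domain"] and not r["mdns"]
            and (name == r["domain"] or name.endswith("." + r["domain"]))
            for ns in r["nameservers"]]

if __name__ == "__main__":
    for label, text in (("split tunnel", SPLIT_TUNNEL), ("scoped", WITH_SCOPED)):
        print(label, scoped_unicast("sitename.companyname.local", parse_resolvers(text)))
```

An empty list for the internal name means the search-domain entry alone did not create a resolver for that suffix.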