VPN messes up DNS resolution

Posted by user124114 on Super User See other posts from Super User or by user124114
Published on 2012-03-21T17:28:21Z Indexed on 2012/03/21 17:31 UTC
Read the original article Hit count: 278

Filed under:

osx

|

vpn

After connecting with the Kerio VPN client (OS X Leopard) to a server, the internet (~web browsing) stopped working for the client.

After poking around, the issue seems to be bad DNS server (i.e., entering IPs directly works). After disconnecting from the VPN, the invalid DNS server disappears from scutil --dns and all's well again.

Now, I don't understand why OS X on the client even changes the DNS settings -- internet should be routed through a different interface, through the default gateway, not through the VPN.

Questions:

By what mechanism does connecting the VPN client change the "default" DNS server?
How can I stop the VPN client from changing routing/DNS rules? Where is this stuff stored/modified?

Before VPN:

$ scutil --dns
DNS configuration

resolver #1
  nameserver[0] : 10.66.77.1 # <---- default gateway = home router; all good
  order   : 200000

resolver #2
  domain : local
  options : mdns
  timeout : 2
  order   : 300000

...

VPN connected:

$ scutil --dns
DNS configuration

resolver #1
  nameserver[0] : 192.168.1.1 # <--- rubbish
  nameserver[1] : 192.168.2.1
  order   : 200000

resolver #2
  domain : local
  options : mdns
  timeout : 2
  order   : 300000

...

The VPN doesn't appear among $ networksetup -listallnetworkservices.

© Super User or respective owner

Related posts about osx

OSX/Wine - Associating file extension (.php) with a Windows program on OSX

as seen on Super User - Search for 'Super User'
Greetings, I am running PSPad (a Windows programming editor) on OSX/Snow Leopard using Wine 1.1.35 I want to associate various file extensions (.php, .js, .html) with PSPad.exe OSX Finder does not allow this association -- I can only associate file types with $.app items in Applications. How do… >>> More
osx web service spawns icon in taskbar - osx - while drawing image

as seen on Stack Overflow - Search for 'Stack Overflow'
I have a web endpoint that displays an image of a string... When the following code is run (in tomcat) it spawns a java icon in the taskbar on OSX. Not sure if it is a problem, or whats going on. Looking for some sort of explination @RequestMapping("/text/{text}") public void textImage(HttpServletResponse… >>> More
Cannot disable spotlight indexing on volume

as seen on Super User - Search for 'Super User'
I have a FAT32 partition on my HDD. When using OSX, it is mounted to /Volumes/MEDIA. After a recent upgrade to Mavericks, spotlight is having trouble indexing it, eating up almost all of my system resources, and I cannot get the indexing to stop: [jay-mba-osx ~]% sudo mdutil -v -a -i off /: Indexing… >>> More
OSX - User home directories shared via NFS

as seen on Super User - Search for 'Super User'
Hi, I've run into some problems with how I've got user home directories set up on our system here. Our server is an XServe, using Open Directory to manage the user accounts. The majority of our workstations are OSX, but there are a few running Linux (Centos 5.3), and, as time goes on, we expect… >>> More
Can't connect to local IP address on OSX

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm trying to connect to a webserver that's running on my mac OSX 1.6. I'm able to connect to it locally using http://127.0.0.1:8888/myapp but when I attempt to connect to it using my machine's local IP address (http://192.168.1.15:8888/myapp IP shown below) from the same machine (or another on the… >>> More

Related posts about vpn

Problem with setup VPN in Ubuntu Server 12.04

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I have a problem with setup VPN server on my Ubuntu VPS, here is my server environments: Ubuntu Server 12.04 x86_64 xl2tpd 1.3.1+dfsg-1 pppd 2.4.5-5ubuntu1 openswan 1:2.6.38-1~precise1 After install software and configuration: ipsec verify Checking your system to see if IPsec got installed and… >>> More
Problem with setup VPN on Ubuntu Server 12.04

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I have a problem with setup VPN server on my Ubuntu VPS, here is my server environments: Ubuntu Server 12.04 x86_64 xl2tpd 1.3.1+dfsg-1 pppd 2.4.5-5ubuntu1 openswan 1:2.6.38-1~precise1 After install software and configuration: ipsec verify Checking your system to see if IPsec got installed and… >>> More
l2tp / ipsec debian Openswan U2.6.38 does not connect

as seen on Server Fault - Search for 'Server Fault'
i am trying to get ipsec/l2tp running on a debian server with an iphone as a client but always get: Dec 2 21:00:04 vpn pluto[22711]: packet from <clientip>:43598: received Vendor ID payload [RFC 3947] method set to=115 Dec 2 21:00:04 vpn pluto[22711]: packet from <clientip>:43598: received… >>> More
Setup VPN issue on Ubuntu Server 12.04

as seen on Server Fault - Search for 'Server Fault'
I have a problem with setup VPN server on my Ubuntu VPS, here is my server environments: Ubuntu Server 12.04 x86_64 xl2tpd 1.3.1+dfsg-1 pppd 2.4.5-5ubuntu1 openswan 1:2.6.38-1~precise1 After install software and configuration: ipsec verify Checking your system to see if IPsec got installed and… >>> More
Cannot connect with Cisco VPN but can connect with ShrewSoft VPN

as seen on Server Fault - Search for 'Server Fault'
EDIT: We connected an air card to the computer to use a different Internet connection and using the Cisco software, we were able to successfully connect to our VPN server. I just don't understand why the ShrewSoft VPN client would connect but the Cisco connection won't. I'm not our network admin… >>> More