VPN messes up DNS resolution
Posted
by
user124114
on Super User
See other posts from Super User
or by user124114
Published on 2012-03-21T17:28:21Z
Indexed on
2012/03/21
17:31 UTC
Read the original article
Hit count: 300
After connecting with the Kerio VPN client (OS X Leopard) to a server, the internet (~web browsing) stopped working for the client.
After poking around, the issue seems to be bad DNS server (i.e., entering IPs directly works). After disconnecting from the VPN, the invalid DNS server disappears from scutil --dns
and all's well again.
Now, I don't understand why OS X on the client even changes the DNS settings -- internet should be routed through a different interface, through the default gateway, not through the VPN.
Questions:
- By what mechanism does connecting the VPN client change the "default" DNS server?
- How can I stop the VPN client from changing routing/DNS rules? Where is this stuff stored/modified?
Before VPN:
$ scutil --dns
DNS configuration
resolver #1
nameserver[0] : 10.66.77.1 # <---- default gateway = home router; all good
order : 200000
resolver #2
domain : local
options : mdns
timeout : 2
order : 300000
...
VPN connected:
$ scutil --dns
DNS configuration
resolver #1
nameserver[0] : 192.168.1.1 # <--- rubbish
nameserver[1] : 192.168.2.1
order : 200000
resolver #2
domain : local
options : mdns
timeout : 2
order : 300000
...
The VPN doesn't appear among $ networksetup -listallnetworkservices
.
© Super User or respective owner