We have a UTM9 as our firewall and default gateway.
We have no internal DNS server.
We have Mac clients using Tunnelblick 3.2.x OpenVPN app, connecting to the UTM (Remote Access SSL) just fine and accessing internal resources. There are many static DNS entries ('network definitions').
We have a public website http://example.com
We have an internal website http://intranet.example.com that sits behind the UTM9. It has a static DNS entry ('network definition'). Internal office computers can access this website no problem.
When our remote VPN clients connect to our UTM9, and try to access the intranet, they receive a page not found error from the public website host, using either the intranet URL or the IP Address. So it would seem that the public DNS servers (220.127.116.11) are being used, instead of the UTM9 (10.x.6.1 in the image below). The Mac clients receive the same network DNS settings when connected via VPN, as they do in the office:
VPN client settings:
UTM9 DNS Settings:
Client DHCP Settings:
One issue I encountered whilst troubleshooting the VPN connection on different Macs from outside the office (including Macs that have never joined this company domain/office network), is that sometimes the name resolution works for a while and then fails, redirecting to the public website host again. Any troubleshooting tips most welcome, thanks!
I am the only user of SSL VPN, and I have despaired of the DNS resolution working reliably. But have not chased the issue with Support yet.
In reply to DouglasFoster:
Sorry to hear you are also having issues, but glad I am not alone!
I am now considering setting up an internal DNS server.