This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Change some VPN settings

Hello,

I'm using Sparklabs Viscosity as a VPN Client for the Sophos OpenVPN.

Currently, I have to enter some settings into the Client, which are supposedly also possible to work automatically.

Right now, I have to set Viscosity to Split DNS and enter domain names into Viscosity. The default setting is Automatic (pull the settings from the server) and no domains entered - this settings should be taken from "some" file.

The dev is writing me following:

If Viscosity is defaulting to Full DNS, this means that your Sophos UTM is set to push redirect-gateway, or there is a setting that instructs clients to push all traffic through the VPN. Turning this off will default Viscosity to Split DNS.
Then you can push Domains from your server - https://sparklabs.com/support/kb/article/configuring-dns-and-wins-settings/#pushing-dns-wins-settings-from-the-server

While the first thing might be working (how do I check this, what am I looking for in the connection log?), the domain thing certainly doesn't. I should enter:

push "dhcp-option DOMAIN example.com" 

Where? How?

Thanks



This thread was automatically locked due to age.
  • Hallo,

    I think you haven't gotten an answer because it's unclear what you want to do.  Split DNS?  Do you have an internal DNS server?  Also, show us a picture of the 'Remote Access >> Advanced' page.

    In any case, when using the SSL VPN, ipconfig /flushdns is your friend on the Windows client side.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Yes, I want Split DNS. Yes, I have an internal DNS.

    I am not comfortable with giving out the exact entries, so I'll just write here:

    DNS Server #1: DC1 IP

    DNS Server #2: DC2 IP

    no WINS

    Domain: internal.company.com

    While internal.company.com is our main domain, we have a secondary domain (call it internal2.company.com).

    Currently, to make it work, I have to enter both domains into Viscosity Client on the Client-PC, to make sure if a Client asks for internal or internal2, that the requests go over DC1/DC2.

    My question is:

    How can I make this work server-side (on the Sophos)? I was reading about some config-files that I might adapt, also that's what Viscosity-Dev has written too.

    I know about flushdns, that is not the problem... the problem are being two domains, which I can't enter into Sophos GUI.

    In my opinion, Sophos should adapt the advanced page to allow for multiple domain entries.

  • There is no to me known way to do this via GUI

    You could edit your config files but these would be overwritten in case of update / backup restore ...

    additionally if you edit the config files by hand, you would loose warranty and support ...

     

    Hope this helps,

     

    Cheers,

    Chris

  • If using Request Routes doesn't address your issue, I don't understand - Sorry, I can't "see" what you want to do.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • If editing config files voids warranty, then that's not something I want to do.

    About Request Routing - I already have those in place, but these don't get forwarded to the VPN-Client on the workstation. The problem is at the Client-End: when a Client connects via VPN, there is nothing telling the client to connect over VPN if a certain domain is requested - except the entry in the VPN-Software.

    I might have to look at the used DNS servers though - I called one Sophos Expert today, and he told me to check which DNS Servers computer is checking, when VPN is connected. I'll do that next.

    Maybe I didn't state the obvious: we are not using Sophos VPN Client, but Sparklabs Viscosity.