Thread Info
  • State Suggested Answer
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 40 subscribers
  • Views 661 views
  • Users 0 members are here
Options
Suggested

Connecting to VPN ignores all local DNS setup

Matt Tyree

I have some services running on a local server behind a reverse proxy and those services are protected from access outside IP subnets not specified in the reverse proxy settings.

In my local router, I have the addresses for all these services listed and set to point to my local reverse proxy rather than circle out to the net and back. This keeps my IP local and therefore I am able to access the protected services.

This works great until I connect to my office's VPN via Sophos Connect. When I connect to that, I'm assuming my PC only uses the DNS servers on the VPN and therefore doesn't get that local route to my reverse proxy. So it circles out to the net, gets my external IP, and hits my local protected services and is rejected.

I need to connect to my office VPN to access resources on that network, but I don't need all my traffic hijacked by the VPN. Is there some way to have my LAN and my VPN connections coexist?

Or can I somehow add my local DNS server to the list of servers that the VPN uses?

Thanks!



Added TAGs
[edited by: emmosophos at 5:04 PM (GMT -7) on 1 Apr 2024]
Parents
  • 0

    If you are using SSL VPN from Sophos, then in the SSL VPN global settings you can set up DNS-servers to be used when connecting through SSL VPN.

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • 0 in reply to apijnappels

    I'm having the same problem.  My VPN IP range is 10.81.x.x.  My DNS server is 10.0.0.5.  Connected to VPN I can ping 10.0.0.5, and every other LAN IP.  Just that name resolution doesn't work.

  • 0 in reply to Joe Schmoe

    I´ve got the same issue almost one year ago.
    Try to check your interface metric setting in the client (Windows)

    Compare that the VPN Interface has a lower metric than the LAN or WLAN Interface.

    Than ist worked for me.

    netsh int ip show interfaces

     Idx     Met         MTU          State                Name

    ---  ----------  ----------  ------------  ---------------------------

    37          25        1500  connected     Ethernet

    42         5       1500  connected     LAN-Verbindung      <-VPN Connection

    51          25        1500  disconnected  WLAN

      1          75  4294967295  connected     Loopback Pseudo-Interface 1

    43          85        1500  disconnected  Mobilfunk 23

Reply
  • 0 in reply to Joe Schmoe

    I´ve got the same issue almost one year ago.
    Try to check your interface metric setting in the client (Windows)

    Compare that the VPN Interface has a lower metric than the LAN or WLAN Interface.

    Than ist worked for me.

    netsh int ip show interfaces

     Idx     Met         MTU          State                Name

    ---  ----------  ----------  ------------  ---------------------------

    37          25        1500  connected     Ethernet

    42         5       1500  connected     LAN-Verbindung      <-VPN Connection

    51          25        1500  disconnected  WLAN

      1          75  4294967295  connected     Loopback Pseudo-Interface 1

    43          85        1500  disconnected  Mobilfunk 23

Children
No Data
Unfiltered HTML