Mobile VPN DNS Issues
Hi all,
not sure if I am overthinking things or have unrealistic expectations due to something our internal IT department did.
I have a strange issue in our rather strange setup.
We are one epartment with for historic reasons still a separate network infrastructure, Domains, VPN etc. Our Network is however conected to the companies main network infrastructure.
What we have set up is for examples conditional DNS forwarders in our environment for anything we need to access in the main infrastructure.
However if we connect via VPN, no matter if IKEv2 through the Windows 11 builtin VPN Client, set up with the watchguard ps script, or SSLVPN using the watchgurad Client, we have some weird DNS issue.
Problem is that our main IT department got the glorious idea to use external dns names also for internal sy<stems, resolving those on the main environments dns servers.
We have conditional forwarders as mentioned, but it seems with the vpn connection open, the DNS servers configured in the watchguad, and i tried both the gneral as VPN specific setings, seem to be completely ignored by Windows.
looking at ipconfig /all i can see the correct settings, including the suffix, for the connection, but whatever windows tries it tries to go through my home router as DNS.
Any ideas about this? Anything I can set in Windows maybe?
I am at a loss how to solve this.
Comments
Hi @AKupke
Try changing the interface's route metric so that the DNS servers for the VPN are used first
See:
(Mobile VPN with SSL client unexpectedly uses Windows LAN interface defined DNS servers over DNS servers defined by the VPN)
https://techsearch.watchguard.com/KB?type=Known Issues&SFDCID=kA10H000000g3csSAA&lang=en_US
-James Carson
WatchGuard Customer Support