Hostnames Fail to Resolve over VPN




brgnewman
Sep 6, 2013, 10:13 PM
We provide our employees with L2TP VPN access so that they can securely connect and access corporate resources from their personal computers at home. For the last few months we have been battling an issue where the personal Macs owned by various employees suddenly stop resolving hostnames over the L2TP VPN tunnel (their personal Macs initially work fine on the VPN, but after months of use they suddenly stop resolving hostnames).

If I try to ping the hostname/FQDN of a resource across the L2TP VPN tunnel (i.e. "dev01.corporate.ad"), I get an error stating:
ping: cannot resolve dev01.corporate.ad: Unknown host

However - if I ping the IP address of a resource across the L2TP VPN tunnel (i.e. 10.14.51.24), I'm able to communicate with the resource:
64 bytes from 10.14.51.24: icmp_seq=0 ttl=128 time=36.063 ms

We are using the native VPN client built into Mac OS X 10.7/10.8. Inside the VPN profile, we have correctly configured the DNS settings (DNS Server - 10.14.51.20, Search Domain - corporate.ad), but we keep encountering this issue.

The temporary workaround we have given to our employees is to run the following commands in Terminal on their personal Mac when they experience this issue:
sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist

After they run those two commands, they are able to successfully access corporate resources using their hostnames/FQDNs.

However - it's not really a solution...
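A triage sketch for the symptom described in the post above, added here as an example and not part of the original post: it checks whether the VPN's DNS server and search domain appear in `scutil --dns` output, then compares a direct query to that server with a lookup through the system resolver. The function names, the constructed sample output, and the diagnosis labels are assumptions; the addresses and hostname are the ones quoted in the post.

```shell
#!/bin/sh
# Added example. Values quoted in the post:
VPN_DNS="10.14.51.20"; SEARCH_DOMAIN="corporate.ad"; TEST_HOST="dev01.corporate.ad"

# Constructed sample of `scutil --dns` output with the VPN resolver registered.
sample_scutil_output() {
cat <<'EOF'
resolver #1
  search domain[0] : corporate.ad
  nameserver[0] : 10.14.51.20
  if_index : 8 (ppp0)
resolver #2
  domain   : local
  options  : mdns
EOF
}

# Read `scutil --dns` text on stdin; $1 = expected nameserver, $2 = search domain.
# Prints ok, missing-nameserver, missing-search-domain or missing-both.
check_resolver_config() {
    awk -v ns="$1" -v sd="$2" '
        /^[ \t]*nameserver\[[0-9]+\][ \t]*:/    { if ($NF == ns) have_ns = 1 }
        /^[ \t]*search domain\[[0-9]+\][ \t]*:/ { if ($NF == sd) have_sd = 1 }
        END {
            if (have_ns && have_sd) print "ok"
            else if (have_sd)       print "missing-nameserver"
            else if (have_ns)       print "missing-search-domain"
            else                    print "missing-both"
        }'
}

# $1 = config check result, $2 = yes/no: VPN DNS server answers a direct query,
# $3 = yes/no: lookup through the system resolver succeeds. Labels are heuristic.
classify() {
    if   [ "$3" = "yes" ]; then echo "healthy"
    elif [ "$2" = "no" ];  then echo "vpn-dns-unreachable"
    elif [ "$1" = "ok" ];  then echo "stale-system-resolver"
    else                        echo "vpn-dns-settings-not-applied"
    fi
}

# Live check: runs only where the macOS tools and dig are present.
if command -v scutil >/dev/null 2>&1 && command -v dig >/dev/null 2>&1; then
    cfg=$(scutil --dns | check_resolver_config "$VPN_DNS" "$SEARCH_DOMAIN")
    dig +short +time=2 +tries=1 "@$VPN_DNS" "$TEST_HOST" \
        | grep -Eq '^[0-9]+(\.[0-9]+){3}$' && direct=yes || direct=no
    dscacheutil -q host -a name "$TEST_HOST" | grep -q ip_address \
        && system=yes || system=no
    echo "config=$cfg direct=$direct system=$system => $(classify "$cfg" "$direct" "$system")"
fi
```

Recording this output before running the restart workaround shows whether the failure sits in the system resolver's state or in the DNS settings the VPN connection registered.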