Welcome to the Sophos User Bulletin Board.
If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Reply
 
LinkBack Thread Tools Display Modes
smoke455's Avatar
Member
Join Date: May 2006
Posts: 40
#1 (permalink)  
Old 05-20-2008, 12:49 AM
Default MAC OSX DNS for SSL connection

I'm using tunnelblick to connect to the SSL VPN on the ASG220. The connection works fine, except it doesn't push DNS to the mac like it does Win32 clients. Does anyone know how to get the DNS to push or be accepted by the mac using tunnelblick? Trying to remember the IP address of 29 servers when you're on the road with the mac is no fun...
Reply With Quote
BrucekConvergent's Avatar
Master of Reality
Join Date: Oct 2005
Location: SC, USA
Posts: 4,847
#2 (permalink)  
Old 05-20-2008, 03:11 PM
Default

I don't deal with Macs often... but if you just need a basic list of hosts, why not just configure the HOSTS file? To be sure, not the greatest solution, but it would work. Maybe some others may have a way to get your DNS working, though.
__________________
Convergent Information Security Solutions, LLC
Sophos Platinum Solution Partner
Reply With Quote
Senior Member
Join Date: Dec 2005
Location: Minnesota
Posts: 217
#3 (permalink)  
Old 05-20-2008, 04:44 PM
Default

Isn't there a 'set nameserver' selection under 'Details' in Tunnelblick. I thought that's what that did.... haven't used it extensively. Been using L2TP more often.
__________________
Jon Johnston
Creative Business Solutions
Astaro Preferred Partner
Website:http://www.cbsol.com
Reply With Quote
smoke455's Avatar
Member
Join Date: May 2006
Posts: 40
#4 (permalink)  
Old 05-20-2008, 07:24 PM
Default

thanks for the suggestions.
I've seen the 'set nameserver' box with "experimental" written behind it. So far it hasn't worked for me.
Currently I do keep a list of servers to connect to, but on occasion I have to look at something in the DHCP range and then its kind of a pain.
Reply With Quote
troy.murray's Avatar
Member
Join Date: Jun 2008
Location: 48911
Posts: 41
#5 (permalink)  
Old 06-11-2008, 03:56 PM
Post

It's too bad Astaro doesn't have a nice client that works on the Mac as well as Windows. The University I work for has a Juniper device and it has a nice Java client that installs and works great.
__________________
--
Troy Murray
Reply With Quote
Junior Member
Join Date: May 2008
Posts: 11
#6 (permalink)  
Old 09-09-2008, 06:30 AM
Default

was this issue ever resolved. I am having same problem SSL VPN not pushing DNS to mac client. I am using viscosity which I think is way better then tunnelblick. I can ping google's ip and I can go to google using ip. But I cant use DNS. Anyone know how to do this I tried the set nameserver in tunnelblick. I have run out of ideas.
Reply With Quote
troy.murray's Avatar
Member
Join Date: Jun 2008
Location: 48911
Posts: 41
#7 (permalink)  
Old 10-01-2008, 11:14 AM
Default

onebigm16, I looked into the Viscosity app that you mentioned and I LOVE IT! Thanks so much. I too have found it much better then Tunnelblick. My connection is working just fine, I'm able to use DNS internally without any problems. Here is how I setup my connection:
  1. I downloaded the Astaro configuration files from my User Portal, then I imported the settings into Viscosity.
  2. Edit the connection, go to the Networking tab, enter your internal subnets and use "vpn_gateway" for the gateway variable for each route
  3. On the Advanced tab, add the "--proto tcp-client" command to the list
  4. If your using an internal DNS server, which I am, make sure you have a Packet Filter rule to allow your SSL VPN pool to run a DNS query to it.

HTH, let me know if you still have questions and I'll try to answer it.
__________________
--
Troy Murray
Reply With Quote
smoke455's Avatar
Member
Join Date: May 2006
Posts: 40
#8 (permalink)  
Old 10-07-2008, 12:26 AM
Default

thanks for posting about the Viscosity app - that is just what I was looking for!
Reply With Quote
troy.murray's Avatar
Member
Join Date: Jun 2008
Location: 48911
Posts: 41
#9 (permalink)  
Old 10-07-2008, 02:11 AM
Smile

No problem, it's one of those silly little Mac apps that you come across and get really excited about. I know that sounds kind of silly, but I really, really like this program!
__________________
--
Troy Murray
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT. The time now is 08:11 AM.


Powered by vBulletin® Version 3.8.6
Copyright ©2000 - 2015, Jelsoft Enterprises Ltd.

These pages are specifically maintained for the discussion of firewall issues within the Open Source community, and might already reflect new alpha/beta releases under development. Please refer to our product specifications for the functionality of the actual release. Discussions of new/enhanced functionality does not constitute a commitment of Astaro, to integrate this functionality into future releases.