passepartoutvpn / passepartout-app

VPN client for Apple platforms.
https://passepartoutvpn.app
GNU General Public License v3.0

DNS from server are not set #362

Closed drozel closed 9 months ago

drozel commented 9 months ago

Summary

MacOS: When connecting to the server, the client gets DNS configuration pushed by the server but doesn't apply it in the system.

Steps to reproduce

What is the current bug behavior?

MacOS 13.5.2 (22G91). Connect to a server that pushes a DNS config: image

But DNS is not set in the system:

nslookup release.mycompany
Server:     8.8.8.8
Address:    8.8.8.8#53

** server can't find release.mycompany NXDOMAIN

DNS is also not set in the MacOS settings: image

What is the expected correct behavior?

When connecting via the same .ovpn using Tunnelblick, I get addresses set: image

▶ nslookup release.mycompany
Server:     10.200.6.11
Address:    10.200.6.11#53

Non-authoritative answer:
Name:   release.mycompany
Address: 10.1.0.33

Relevant logs and/or screenshots

Possible fixes suggested remediation

It really looks like Passepartout wants but can't set DNS in the system

keeshux commented 9 months ago

@drozel thanks for your report! Question: is the VPN set as the default gateway? If so, I believe I have a similar issue tracked somewhere, give me a sec.

keeshux commented 9 months ago

Does #298 sound familiar?

https://github.com/passepartoutvpn/passepartout-apple/issues/298#issuecomment-1544295367

drozel commented 9 months ago

Thank you, I just disabled "Default Gateway - Automatic" like this and everything works. (I had to pay for network settings but with your guys reaction time and attention I'm ready to donate once again ;) )

image

I honestly don't understand what I just changed: with enabled bottom switches it looks like nothing was really changed..?

drozel commented 9 months ago

UPD: I see what it does. Now, all my traffic goes via company, even when I visit github or so.

Without VPN

traceroute microsoft.com
traceroute: Warning: microsoft.com has multiple addresses; using 20.112.250.133
traceroute to microsoft.com (20.112.250.133), 64 hops max, 52 byte packets
 1  192.168.47.1 (192.168.47.1)  2.777 ms  1.420 ms  1.827 ms    <---- my router

Passepartout with Automatic (vpn issue):

▶ traceroute microsoft.com
traceroute: Warning: microsoft.com has multiple addresses; using 20.112.250.133
traceroute to microsoft.com (20.112.250.133), 64 hops max, 52 byte packets
 1  192.168.47.1 (192.168.47.1)  2.046 ms  1.087 ms  1.085 ms

BUT

▶ traceroute gitlab.mycompany
traceroute to gitlab.mycompany (10.1.0.190), 64 hops max, 52 byte packets
 1  10.3.3.1 (10.3.3.1)  7.295 ms  6.960 ms  6.346 ms.  <----- internal resources

Passepartout without Automatic (VPN issue solved but):

▶ traceroute microsoft.com
traceroute: Warning: microsoft.com has multiple addresses; using 20.231.239.246
traceroute to microsoft.com (20.231.239.246), 64 hops max, 52 byte packets
 1  10.3.3.1 (10.3.3.1)  19.968 ms  12.433 ms  34.097 ms

Sad... I think I can't accept all my traffic to go via the company

keeshux commented 9 months ago

Indeed, it looks like the same issue, i.e. DNS servers don't apply when you're not using the VPN as the default gateway. It's also sad, I agree. So far, I have no clue to the issue, I'd really like to exclude this as a Mac bug.

P.S.: "your guys" is one guy lol.

keeshux commented 9 months ago

Anyway, until different notice, I'm marking this as a duplicate of #298. Please follow the discussion over there.

Thanks for reporting!

drozel commented 9 months ago

> P.S.: "your guys" is one guy lol.

Haha, I meant 'you guys', sorry. I saw a list of contributors on the home page. Thanks =)
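A way to check the symptom discussed in this thread from the resolver table macOS itself keeps (`scutil --dns`), as an added example that is not part of the original issue or of Passepartout's code. The two sample outputs, the interface names and indexes, and the function names are constructed for illustration; the server addresses are the ones quoted in the report.

```shell
#!/bin/sh
# Constructed `scutil --dns` sample for the split-tunnel case in this thread:
# only the LAN resolver is listed, the VPN-pushed server is missing.
SAMPLE_SPLIT='DNS configuration

resolver #1
  nameserver[0] : 8.8.8.8
  if_index : 6 (en0)
  reach    : 0x00000002 (Reachable)

resolver #2
  domain   : local
  options  : mdns
'

# Constructed sample for the working case: the VPN resolver is listed first.
SAMPLE_OK='DNS configuration

resolver #1
  nameserver[0] : 10.200.6.11
  if_index : 14 (utun3)

resolver #2
  nameserver[0] : 8.8.8.8
  if_index : 6 (en0)
'

# Print "resolver-number nameserver interface" for each unscoped nameserver.
list_resolvers() {
  awk '
    function emit(   i) { for (i = 1; i <= cnt; i++) print num, ns[i], iface; cnt = 0; iface = "-" }
    /for scoped queries/  { exit }            # stop before the per-interface section
    /^resolver #/         { emit(); num = substr($2, 2) }
    /^[ \t]*nameserver\[/ { ns[++cnt] = $NF }
    /^[ \t]*if_index/     { iface = $NF; gsub(/[()]/, "", iface) }
    END                   { emit() }
  '
}

# Succeeds only if the server pushed by the VPN ($1) is in the resolver list.
pushed_dns_applied() {
  list_resolvers | awk -v want="$1" '$2 == want { found = 1 } END { exit !found }'
}

# Use the live table on macOS, otherwise fall back to the constructed sample.
if command -v scutil >/dev/null 2>&1; then scutil --dns | list_resolvers
else printf '%s' "$SAMPLE_SPLIT" | list_resolvers; fi
```

On a Mac, `scutil --dns | pushed_dns_applied 10.200.6.11` exits non-zero when the pushed server was not applied, which also means lookups for internal names are going to the public resolver instead.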