Skip to main content

Mac OS X DNS Resolver.

Had an interesting problem today with a Mac OS X 10.7.5 end user working with the Apple built-in Cisco IPSEC VPN client. The end user was using a VPN profile that has split tunneling enabled.

Internal servers could not be reached via their DNS address (ip address did work). The vpn interface was getting the correct DNS settings, the Ethernet interface and WiFi interface were only getting the end users home internet connection DNS settings.

Unfortunately the VPN DNS isn't overriding the ISP's. Doesn't matter whether I change the order of services either.

Manually added the DNS to the interfaces and it works as expected but doing it that way means the end user won't be able to resolve anything when not connected to the VPN.

This is a workaround... real quick one, haven't researched it yet. Will update with more details when I have time.

https://gist.github.com/4536687

Popular posts from this blog

Mac OS X "SOE" Day 7

Page Redirection > continued from day 6... In summary, here is my method for creating a Mac OS X 10.7.3 Standard Operating Environment "SOE" Image. Overview The goal is to create a "MASTER" non-booted SOE that can be used with multiple models and it multiple sites with different local requirements. My intention is to use this "MASTER" image in a manual restore procedure due to the fact netboot facilities cannot be made available to all the sites I support however the DMG files are netboot compatible. Requirements Lion Recovery Disk Assistant v1.0 "TARGET" workstation. A compatible workstation that will be used to install Mac OS X 10.7.3 and capture a DMG image(s). "ADMIN" workstation. A workstation with Disk Utility that you will use to capture your DMG image(s). External storage such as a USB HARD DISK. Setup Downloaded the Lion Recovery Disk Assi...
more...

Mac OS X "SOE" Day 3

Page Redirection > continued from day 2... Ready to copy my scripts over, as previously mentioned I am thinking of having 3 phases; build - preps the image for dmg capture. firstboot - runs anything I can't do in build ie, writing to byhost files etc that require UUID or Macaddress. Basically machine/model specific settings. localise - runs localisation scripts such as language, locale etc etc. Basically a set of dynamic scripts in case you are an admin for multiple offices, multiple countries. So what's the minimum we need in the "build" phase? Disable the Setup Wizard. Disable the Registration Wizard. Create a local admin user(s) and set autologin for the firstboot phase. Enable root (set the password). Enable SSH Access Enable VNC Access Enable ARD Access Disable softwareupdate automatic updates "schedule" Cleanup/Minimise the dmg where possible. Set a firstboot loginhook for the second phase. What are some other n...
more...

IIS looks normal, but site won't load.

Someone updated .Net Framework on Win2003 server (required for another app). Unfortunately didn't check existing IIS sites and their requirements so it broke a custom c# web site. Uninstalled without error in the OS, but website still 404ing, reboot and iisreset didn't fix it. "%systemroot%\Microsoft.NET\Framework\ VERSION \aspnet_regiis.exe" –i Then iisreset. All good :) Read about it here http://msdn.microsoft.com/en-us/library/k6h9cz8h(v=vs.80).aspx
more...