Global Protect messes up my DNS route table on MacOS

pomologist — Wed, 19 May 2021 18:08:20 GMT

Hello! Quick question.

I just configured global protect. When I first configured it, I was sending all traffic through the tunnel which wasn't working well. So afterword I set it to allow split tunneling. But here's the problem:

The first computer (MacOS) which I enrolled in GP when I was forcing all traffic through the tunnel, now will not connect to the internet when connected to GP, although it does connect to GP assets fine. Another MacOS computer that I enrolled after I turned on split tunneling, works to access internet perfectly as well as GP assets

Turns out this is a DNS issue on the first computer. The routing table in the troublesome computer reveals I have duplicate DNS entries in the routing table, two that are pointing to the IP I receive after connecting to the GP gateway (these have priority as they appear first in the list), and two more that are pointing where they should. When I manually update my routing table to remove the DNS entries pointing to the IP I receive after connecting to the GP gateway, all my troubles vanish, I can access the GP assets, as well as my local network. However restarting the computer and reconnecting to GP restores the routing table to the incorrect state. When I disconnect from GP, the rogue DNS entries disappear and my routing table behaves normally allowing normal internet access. When I reconnect to GP, my DNS routing table entries again are messed up. I have deleted the GP app and re-installed, but the incorrect routing table entries are still there. I have flushed my routing table completely, but upon connecting to GP, the rogue DNS entries in the routing table mysteriously appear.

As I said above, I enrolled a second computer in GP and it connects normally and doesn't have the rogue DNS entries. It's just the first computer that is messed up now, the one I enrolled when I was still forcing all traffic to use the GP tunnel.

Any idea what I can do to fix the problem?

Re: Global Protect messes up my DNS route table on MacOS

pomologist — Wed, 19 May 2021 18:39:43 GMT

Here are photos showing the problem. The first is netstat output showing DNS routing when not connected to GP, everything works as expected.

The second photos shows what happens to DNS when I connect to GP. 10.0.0.1 is the IP I was given from the IP pool after I connected to GP. DNS obviously doesn't work.

Re: Global Protect messes up my DNS route table on MacOS

pomologist — Thu, 20 May 2021 02:14:42 GMT

Well it looks like I may be wrong about my above conclusion! The netstat output of the working computer is exactly the same as the output of the non-working computer pictured above! The only other difference between the computers is that the working computer is running MacOS 10.14.6, and the non-working is running MacOS 11.2.3.

If anyone has any pointers, I'd be glad to hear.

topic Re: Global Protect messes up my DNS route table on MacOS in GlobalProtect Discussions

Global Protect messes up my DNS route table on MacOS

Re: Global Protect messes up my DNS route table on MacOS

Re: Global Protect messes up my DNS route table on MacOS