Global Protect VPN client holding internal DNS address on Wireless network adaptor

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Global Protect VPN client holding internal DNS address on Wireless network adaptor

L1 Bithead

Hi,

 

I am new to PA and having just started in a new role we have an on-going issue with remote workers connecting via VPN.

 

Sometimes when they have finished their VPN session the laptop's wireless adaptor will still have an internal dns IP address in its dns server settings. This means the user cant connect to the internet until they go to the properties of the adaptor and remove thre dns ip address.

 

THis is annoying to the user and they have to have admin rights so they can clear the dns ip.

 

Anyone come accross this bug ?

We are currently using GP client 4.0.0.90

 

 

1 accepted solution

Accepted Solutions

L7 Applicator

the DNS setting within the wifi adapter does not need to change...  unless you require it to do so...

 

have you configured it to do something different in the App section of the portal.

 

look under "Update DNS settings at connect".

 

I have this set to "No" 

View solution in original post

7 REPLIES 7

L7 Applicator

the DNS setting within the wifi adapter does not need to change...  unless you require it to do so...

 

have you configured it to do something different in the App section of the portal.

 

look under "Update DNS settings at connect".

 

I have this set to "No" 

I can see under VPNClientProfile under the App tab the option: "Update DNS Settings at Connect (Windows only) (Deprecated)"

Is set to YES.

 

Is this what you refer to ?

 

Whats the impact of chaging this as once clients connect they would use internal DNS servers to resolve server names for share access ?

 

yes thats the one...

 

the client traffic will be tunneled down the VPN so it will use the DNS servers allocated to the PAN adapter.

Ok thanks, that how I thought it should work when connected to the VPN you have virtual NIC that is removed when disconnected.

 

I will try it tomorrow.

yes thats how it works but it caught me out a while ago.  I used it for the flush dns part but also found that the DNS settings were not put back.

 

even if you rejoin the wifi the users profile still kept the old DNS info.

 

so... set it to "no" and never had an issue since, we do run a few commands on post-vpn-connect and ipconfig/flushdns is one of them.

although i think flushdns is now part of the GP connect/disconnect process....   anyhows... just left it in as does no harm.

 

good luck.

THanks that was the setting. Changed it to no and now works as expected.

 

 

Hi 

Please let me know, where should I keep the setting is ' NO'  for laptop wi-fi adapter settings or portal firewall 

look under "Update DNS settings at connect".

 

I have this set to "No"  



 

 

  • 1 accepted solution
  • 7946 Views
  • 7 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!