Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Home >   Check Point Forums >   Software Blades and Gateways >   Mobile Access / SSL VPN

Thread: Mobile VPN on iOS not resolving internal DNS

Welcome, Guest Help
Login Login
Guest Settings Guest Settings
This question is answered. Helpful answers available: 2. Correct answers available: 1.


Permlink Replies: 3 - Pages: 1 - Last Post: Dec 18, 2012 6:28 PM by: Jeremy Lieb Threads: [ Previous | Next ]
Jeremy Lieb

Posts: 5
Registered: 10/31/11
Mobile VPN on iOS not resolving internal DNS
Posted: Dec 11, 2012 5:40 AM
 
  Click to reply to this thread Reply

Good evening,

We have an environment running R75.45 for Management with the VPN gateway at R75.40. We have enabled the Mobile Access blade and Android and iPhone can connect just fine to the gateway. The problem is that iPhone users after connecting and receiving their Office Mode address including internal DNS servers can not access internal sites. The DNS is resolving externally. The Android client on 4.1.1 on a Galaxy Note 2 can connect and does resolve the sites internally. Is there a known issue with DNS resolution for the iPhone Mobile client where the gateway is R75.40?

Thanks

Gil Geron

Posts: 39
Registered: 9/16/11
Re: Mobile VPN on iOS not resolving internal DNS
Posted: Dec 11, 2012 10:38 AM   in response to: Jeremy Lieb
 
  Click to reply to this thread Reply

Hi,
The DNS resolution works differently between iOS and Android.
In Android: once the VPN tunnel is established all the DNS requests are redirected to the internal DNS.
In iOS: once VPN tunnel is established only the DNS requests with the tunnel DNS suffix are redirected to the internal DNS.

From your description it sounds like the DNS suffix is not defined correctly. you should go to the dashboard -> GW properties -> IPSec -> office mode -> optional params -> define internal domain suffix.

Gil

Richard Liessum...

Posts: 19
Registered: 4/1/09
Re: Mobile VPN on iOS not resolving internal DNS
Posted: Dec 11, 2012 1:51 PM   in response to: Gil Geron
 
  Click to reply to this thread Reply

Does this method also applies to Mac OSX where they same problems occur?

Jeremy Lieb

Posts: 5
Registered: 10/31/11
Re: Mobile VPN on iOS not resolving internal DNS
Posted: Dec 18, 2012 6:28 PM   in response to: Gil Geron
 
  Click to reply to this thread Reply

Thank you very much. That indeed was the issue. After changing the suffix from a .int to .com iPhone can now connect to internal sites without issue.

Legend
Expert: 751 + pts
Advanced: 301 - 750 pts
Enthusiast: 101 - 300 pts
Novice: 0 - 100 pts
Check Point
Helpful Answer (5 pts)
Correct Answer (10 pts)