DNS name resolution when using SonicWall Mobile Connect

07/27/2022 327 People found this article helpful 493,080 Views

Description

With regular Mac OS X/Linux/Windows based client connections, SonicWall can prioritize all DNS traffic over the VPN. However, with iOS based devices (IPhone/iPad/iPod touch) using the SonicWall Mobile Connect client, DNS requests will be sent across the VPN tunnel only when it matches the DNS suffix configured on the NGFW appliance. This is an intended behavior, due to requirements by Apple. When using Split Tunnels, only DNS requests that match the VPN DNS suffix search domains will use the VPN DNS servers. Requests to domains that do not match the VPN DNS suffixes go to the local (3G/WiFi connection) DNS servers.

EXAMPLE: DNS suffix is set to example.com.

Requests to www.example.com will use the remote VPN DNS server. Requests to intranet.corp.example.com will use the remote VPN DNS server. Requests to www.sonicwall.com will use the local DNS server, as configured by the device's WiFi or 3G connection. Requests to intranet.examplecorp.com will use the local DNS server, as configured by the device's WiFi or 3G connection.

NOTE: The DNS suffix on the NGFW appliance can be configured on the SSL VPN | Client Settings page.

Resolution

Resolution for SonicOS 7.X

This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.

On the SonicWall appliance, navigate to Network | SSL VPN | Client Settings.
Click Configure to get a pop up window and navigate to Client Settings tab. Ensure that all required fields are correctly filled in. In this example, we've already configured the appliance for Netextender or Mobile Connect connectivity, and we've just configured the DNS domain/DNS suffix: Please type in the DNS Domain ( example.local) in field DNS search list in order and click ADD.
Click OK to save your changes.

Resolution for SonicOS 6.5

This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.

On the SonicWall appliance, navigate to Manage | SSL VPN | Client Settings.
Click Configure to get a pop up window and navigate to Client Settings tab. Ensure that all required fields are correctly filled in. In this example, we've already configured the appliance for Netextender or Mobile Connect connectivity, and we've just configured the DNS domain/DNS suffix: Please type in the DNS Domain ( example.local) in field DNS search list in order and click ADD.
Click OK to save your changes.

Resolution for SonicOS 6.2 and Below

The below resolution is for customers using SonicOS 6.2 and earlier firmware. For firewalls that are generation 6 and newer we suggest to upgrade to the latest general release of SonicOS 6.5 firmware.

On the SonicWall appliance, navigate to SSL VPN | Client Settings.
Click Configure to get a pop up window and navigate to Client Settings tab. Ensure that all required fields are correctly filled in. In this example, we've already configured the appliance for NetExtender connectivity, and we've just configured the DNS domain/DNS suffix: Please type in the DNSDomain ( example.local) in field DNS search list in order and click ADD.
Click OK to save your changes.

Not Finding Your Answers?

ASK THE COMMUNITY

Was This Article Helpful?

YES NO

DNS name resolution when using SonicWall Mobile Connect

Description

Resolution

Resolution for SonicOS 7.X

Resolution for SonicOS 6.5

Resolution for SonicOS 6.2 and Below

Related Articles

Categories

Not Finding Your Answers?

Was This Article Helpful?

Article Helpful Form

Article Not Helpful Form

Follow Us

Subscribe to newsletter

Stay In Touch