Skip to content
Split DNS stops working when activating system wide DNS profile enabling encrypted DNS
Got a problem with Viscosity or need help? Ask here!
Installing the system profile available here: https://paulmillr.com/posts/encrypted-dns/ I am no longer able to resolve DNS lookups that are internal to the VPN network to which I am connecting.
Is there some magic permutation of settings in Viscosity I can use to make this work, or does the system profile installed simply override all DNS resolving and I just can't use it?
Is there some magic permutation of settings in Viscosity I can use to make this work, or does the system profile installed simply override all DNS resolving and I just can't use it?
Hi HenrikWL,
I'm afraid managed system profiles will override local network settings (by design).
It would likely be possible to alter the managed profile to include your VPN DNS server/s and the domains to be associated with them (I believe the option is named something like Supplemental Match Domains) however I'm afraid I have no idea how well this will work when the VPN connection isn't active. If you're familiar with managed system profiles you could give it a shot and see how it goes.
Now that DoH is in macOS it'll come to OpenVPN connections at some point. Right now there isn't a way to specify or push DoH servers for OpenVPN, but if it isn't something that gets added to the core project it's likely we'll put something together to support it.
Cheers,
James
I'm afraid managed system profiles will override local network settings (by design).
It would likely be possible to alter the managed profile to include your VPN DNS server/s and the domains to be associated with them (I believe the option is named something like Supplemental Match Domains) however I'm afraid I have no idea how well this will work when the VPN connection isn't active. If you're familiar with managed system profiles you could give it a shot and see how it goes.
Now that DoH is in macOS it'll come to OpenVPN connections at some point. Right now there isn't a way to specify or push DoH servers for OpenVPN, but if it isn't something that gets added to the core project it's likely we'll put something together to support it.
Cheers,
James
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs
3 posts
Page 1 of 1