Page 1 of 1

no DNS resolution

Posted: Thu May 23, 2019 9:05 pm
by sfty1
Hi,

since the last viscosity update, it's not possible to resolve DNS anymore.

2019-05-23 12:43:23: Viscosity Mac 1.7.15 (1488)
2019-05-23 12:43:23: Viscosity OpenVPN Engine Started
2019-05-23 12:43:23: Running on macOS 10.14.4
2019-05-23 12:43:23: ---------
2019-05-23 12:44:42: State changed to Connecting
2019-05-23 12:44:42: Checking reachability status of connection...
2019-05-23 12:44:42: DNS resolution failed for vpn.mycompany.com
2019-05-23 12:44:42: Connection is not reachable. Disconnecting.
2019-05-23 12:44:42: State changed to Disconnected
2019-05-23 12:44:42: Connection will be reconnected when it becomes reachable


# dig vpn.mycompany.com

; <<>> DiG 9.10.6 <<>> vpn.mycompany.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5111
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;vpn.mycompany.com. IN A

;; ANSWER SECTION:
vpn.mycompany.com. 9 IN A 83.x.x.x

;; Query time: 185 msec
;; SERVER: 10.69.6.1#53(10.69.6.1)
;; WHEN: Thu May 23 12:52:09 CEST 2019
;; MSG SIZE rcvd: 77


# sudo tcpdump -nn -i any port 53
tcpdump: data link type PKTAP
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type PKTAP (Apple DLT_PKTAP), capture size 262144 bytes
12:44:41.229281 IP 10.69.6.243.60236 > 10.69.6.1.53: 11742+ A? outlook.ha.office365.com. (42)
12:44:41.229616 IP 10.69.6.1.53 > 10.69.6.243.60236: 11742 6/0/0 CNAME outlook.ms-acdc.office.com., CNAME dhr-efz.ms-acdc.office.com., A 52.97.139.2, A 40.101.88.194, A 52.97.147.178, A 40.101.9.178 (165)
.... nothing happens....


I changed the domain to something else, like www.sparklabs.com but absolutely no dns resolution attempt is taking place.

Re: no DNS resolution

Posted: Thu May 23, 2019 9:17 pm
by James
Hi sfty1,

Would you be able to send us a copy of your configuration data for your connection? It should hopefully indicate what is going on. If you don't feel comfortable posting it here, please feel free to email it to us instead:
https://www.sparklabs.com/support/#contact

You can view the configuration data for your Viscosity connection by opening Viscosity’s Preferences window, holding down the Option key on your keyboard, right-clicking (or control-clicking) on your connection, and selecting “View Configuration Data”.

Cheers,
James

Re: no DNS resolution

Posted: Thu May 23, 2019 9:30 pm
by sfty1
Code: Select all
#-- Configuration Generated By Viscosity --#

#viscosity name OPNsense1-UDP4-1194
#viscosity protocol openvpn
remote vpn.mycompany.com 1194 udp4
dev tun
persist-tun 
persist-key 
pull 
auth-user-pass 
tls-client 
ca ca.crt
remote-cert-tls server
tls-auth ta.key 1
lport 0
auth SHA256
resolv-retry infinite
cipher AES-256-CBC
comp-lzo no

Re: no DNS resolution

Posted: Thu May 23, 2019 10:38 pm
by James
Thanks for the additional details. We’ve identified the issue and pushed out an updated beta version that should address it. If you’d like to update to it and give it a try please see:
https://www.sparklabs.com/support/kb/article/using-viscosity-beta-versions/

Alternatively you can workaround the issue in version 1.7.15 by editing your connection in Viscosity, and changing the “Protocol” from “UDP v4” to “UDP”.

Regards,
James

Re: no DNS resolution

Posted: Thu May 23, 2019 11:52 pm
by sfty1
confirmed as working :)
Thank you for the fast help!