Hi everyone,
I had this setup working for a couple of weeks but now it suddenly stopped working. Basically, I can connect to the AWS VPN using the AWS VPN Client, but as soon as I connect, DNS stops working and I cannot resolve anything anymore. I can perfectly ping external IPs, so I do have a connection. I can also ping EC2 instances in my VPN. The problem is that DNS on my macOS stopped working.
I have a co-worker using the Windows client and it works for him. Another co-worker is also on a Mac and it works for him too. So there is something in particular with my machine.
If I run scutil --dns I can see something like:
DNS configuration
resolver #1
nameserver[0] : 10.0.2.1
flags : Request A records
reach : 0x00000002 (Reachable)
The same IP is written in /etc/resolv.conf. Notice that it is not even the same IP every time I connect to the VPN. For example, once I got 10.0.0.1 as well. On my other co-worker's Mac, where it works, /etc/resolv.conf is not changed at all. It keeps the original value from before connecting to the VPN.
The command nslookup www.amazon.com answers:
;; connection timed out; no servers could be reached
I also tried adding DNS servers on the VPN Client endpoint. I tried adding 10.0.0.2 as the DNS server, but still nothing changed.
Of course, if I go to the Network settings on the Mac, go to the Wi-Fi connection, then to the DNS section and change 192.168.7.1 (my correct DNS before connecting to the VPN) to 8.8.8.8 (Google's DNS), then everything works. But this is a workaround. I want to understand what is going on and find a correct solution. The same happens if I execute networksetup -setdnsservers "Wi-Fi" 8.8.8.8 in the terminal.
I also went into the log directory and did a grep -R "DNS" and got this:
./aws_vpn_client_20230510.log:; EDNS: version: 0, flags:; udp: 512
./aws_vpn_client_20230510.log:2023-05-10 10:24:46.907 -03:00 [DBG] Starting DNS monitoring thread for Mac
./aws_vpn_client_20230510.log:2023-05-10 10:24:46.913 -03:00 [DBG] DNS servers for OpenVPN with pid 7920:
./aws_vpn_client_20230510.log:2023-05-10 10:24:46.914 -03:00 [DBG] DNS is not configured for this connection. Quit DNS monitoring thread
./aws_vpn_client_20230510.log:2023-05-10 10:24:46.922 -03:00 [DBG] Mac DNS monitoring is already in progress. Skip
Not sure if it is useful at all.
Some details of the VPN:
- Split tunnel is enabled
- The CIDR is 10.0.0.0/22
- AWS VPN Client version is 3.3.0 (latest)
- macOS version 13.3.1
Any ideas about what may be happening?
Thanks in advance!
Thanks for your response!
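A small diagnostic script for the situation described in the post, added here as an example (it is not from the original post, nor an AWS tool). It extracts the nameservers macOS actually has configured from scutil --dns, classifies each one by whether it lies inside the Client VPN CIDR from the post (10.0.0.0/22; with split tunnel enabled, only those addresses are reached through the tunnel, so a resolver there that never answers means the pushed address is not a working DNS server) and, on a Mac, probes each resolver with a single 2-second dig query so a dead server shows up as "no answer" instead of a silent nslookup timeout. The embedded scutil output is a constructed sample in the same shape as the post's, used only where scutil is not available; the CIDR and the test name are taken from the post, and dig is assumed to be installed for the probe step.

```shell
#!/bin/sh
# Added diagnostic helper for the DNS-over-Client-VPN problem in the post.
# Not code from the original post or from AWS. It lists the nameservers
# macOS has configured (from `scutil --dns`), says which of them sit inside
# the Client VPN CIDR (reachable only through the tunnel when split tunnel
# is on), and can probe each one with a short-timeout query.

VPN_CIDR="10.0.0.0/22"        # Client VPN CIDR, taken from the post
TEST_NAME="www.amazon.com"    # name to resolve, taken from the post

# Constructed sample of `scutil --dns` output (same shape as in the post, with
# a scoped resolver added) so the parser can run where scutil does not exist.
# On a Mac the live output is used instead (see main).
SAMPLE_SCUTIL='DNS configuration

resolver #1
  nameserver[0] : 10.0.2.1
  flags    : Request A records
  reach    : 0x00000002 (Reachable)

resolver #2
  domain   : local
  options  : mdns

DNS configuration (for scoped queries)

resolver #1
  nameserver[0] : 192.168.7.1
  nameserver[1] : 10.0.2.1
  if_index : 14 (en0)
  flags    : Scoped, Request A records
  reach    : 0x00000002 (Reachable)'

# Read scutil --dns text on stdin; print each distinct nameserver once,
# in first-seen order.
parse_scutil_nameservers() {
    awk '/^[[:space:]]*nameserver\[[0-9]+\][[:space:]]*:/ {
             ip = $NF
             if (!(ip in seen)) { seen[ip] = 1; print ip }
         }'
}

# Dotted-quad IPv4 -> unsigned 32-bit integer, printed as a decimal string.
ip_to_int() {
    printf '%s\n' "$1" | awk -F. '{ printf "%.0f\n", $1 * 16777216 + $2 * 65536 + $3 * 256 + $4 }'
}

# in_cidr IP CIDR -> exit status 0 when the IPv4 address lies inside the CIDR.
in_cidr() {
    ip_int=$(ip_to_int "$1")
    net_int=$(ip_to_int "${2%/*}")
    bits=${2#*/}
    mask=$(( (4294967295 << (32 - bits)) & 4294967295 ))
    [ $(( ip_int & mask )) -eq $(( net_int & mask )) ]
}

# probe_ns IP -> prints "answer", "no answer" or "no dig". One try with a 2 s
# timeout, so a resolver that is unreachable through the tunnel fails fast.
probe_ns() {
    command -v dig >/dev/null 2>&1 || { echo "no dig"; return 0; }
    if dig +time=2 +tries=1 +short "@$1" "$TEST_NAME" A 2>/dev/null | grep -q .; then
        echo "answer"
    else
        echo "no answer"
    fi
}

# report [probe] -> one line per nameserver read from stdin: the address,
# whether it is inside the VPN CIDR, and the probe result when requested.
report() {
    do_probe=${1:-noprobe}
    while IFS= read -r ns; do
        [ -n "$ns" ] || continue
        case "$ns" in
            *:*) scope="IPv6 (not classified)" ;;
            *)   if in_cidr "$ns" "$VPN_CIDR"; then
                     scope="inside $VPN_CIDR (via tunnel)"
                 else
                     scope="outside $VPN_CIDR (local network)"
                 fi ;;
        esac
        if [ "$do_probe" = probe ]; then
            result=$(probe_ns "$ns")
        else
            result="not probed"
        fi
        printf '%-16s %-34s %s\n' "$ns" "$scope" "$result"
    done
}

main() {
    if command -v scutil >/dev/null 2>&1; then
        # Real macOS: read the live configuration and probe every resolver.
        scutil --dns | parse_scutil_nameservers | report probe
    else
        # Elsewhere: exercise the parser and the CIDR check on the sample only.
        printf '%s\n' "$SAMPLE_SCUTIL" | parse_scutil_nameservers | report
    fi
}

main
```

Run it once before connecting to the VPN and once after; a resolver that appears only after connecting, lands inside the CIDR and reports "no answer" is the one to compare against the DNS servers configured on the Client VPN endpoint, while the same probe against the pre-VPN resolver (192.168.7.1 in the post) shows whether the local resolver is still reachable alongside the tunnel.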