Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Pule on Android: Split Tunneling and DNS

cryptochrome_
Contributor
‎01-09-2013 03:04:AM
‎01-09-2013 03:04:AM

Pule on Android: Split Tunneling and DNS

Hi,

 

I have setup a role for mobile users that works for iOS and Android. It is using split tunneling and has a set precedence to use the internal DNS server first (and then the client DNS). The DNS setting also pushes a couple of DNS search suffixes to the client.

 

When connecting with iOS, I can access internal ressources simply by their name (ommiting the DNS suffix) and it works as expected. However, I can not get Android to do the same. If I ommit the DNS suffix, Android seems to search it's local DNS server and not use the internal DNS server (as specified in the role's settings). If I access a ressource by specifying the host name as well as the DNS suffix (FQDN), Android uses the internal DNS server and it works.

 

Can anyone confirm this behavior? Is this normal/suspected? Can't Pulse re-configure Android's DNS subsystem?

 

Thanks

Sascha

 

0 Kudos
12 REPLIES 12
cryptochrome_
Contributor
‎01-09-2013 03:06:AM
‎01-09-2013 03:06:AM

Re: Pule on Android: Split Tunneling and DNS

I might add: Disabling split tunneling and thus forcing all traffic through the VPN does not help. Android keeps using the DNS server of it's primary network unless I use FQDNs.

 

Another addition: We tried different Android versions from 2.x up to 4.2, all with the same effect. All using the latest Pulse client from Play Store.

0 Kudos
zanyterp_
Respected Contributor
‎01-10-2013 04:42:AM
‎01-10-2013 04:42:AM

Re: Pule on Android: Split Tunneling and DNS

I believe that is correct behavior for android and can't be modified
0 Kudos
Geert_VDW_
New Contributor
‎02-22-2013 07:14:AM
‎02-22-2013 07:14:AM

Re: Pule on Android: Split Tunneling and DNS

Hello,

 

"Glad" to read we are not the only ones experiencing this issue.


We have a Juniper MAG-4610 running 7.1R6 (build 20169).

When connecting an Apple device running iOS 6.1 (10B141) outfitted with Junos Pulse Client 4.2.1.32145 the VPN sets up on the fly and we can access our internal resources via hostname (so correct DNS is used).

 

When connecting a Samsung Android device running Android 4.0.4 outfitted with Junos Pulse Client for Samsung 4.1.3.30101 the VPN also connects w/o any problem but hostnames cannot be resolved, only when using the FQDN names.

 

So far no luck in finding a way to make Android behave like iOS for this specific purpose.

 

If I do find anything useful on the subject I'll make sure to update this thread.

0 Kudos
Geert_VDW_
New Contributor
‎02-25-2013 03:00:AM
‎02-25-2013 03:00:AM

Re: Pule on Android: Split Tunneling and DNS

After some digging around I think what happens is pretty much what is described in this thread.

 

http://code.google.com/p/android/issues/detail?id=8030

 

It seems Android completely disregards DHCP options 15 and 119. Last status is that it will be fixed in the next major release (be that 4.3 or 5.0) which, unfortunately, will mean for most current owners of an Android device, buy a new device.

 

I guess our company's choice between iOS and Android will be an easy one.

0 Kudos
zanyterp_
Respected Contributor
‎03-01-2013 08:37:PM
‎03-01-2013 08:37:PM

Re: Pule on Android: Split Tunneling and DNS

thank you for the update on the Android limitation listed and the impact for the VPN connection

0 Kudos
rdit_
Regular Contributor
‎06-04-2013 11:45:PM
‎06-04-2013 11:45:PM

Re: Pule on Android: Split Tunneling and DNS

And how do you explain that this worked for quite a while? Since the last Junos Pulse App Update on our Android Devices this isnt working anymore.

 

We always had split-tunneling enabled and were able to resolve internal resources and external names. Now DNS is only resolving externally...and we didnt do any changes to our SA configuration.

0 Kudos
jayLaiz_
Super Contributor
‎06-05-2013 02:56:AM
‎06-05-2013 02:56:AM

Re: Pule on Android: Split Tunneling and DNS

Hi ,

 

It is recommended to raise a case with JTAC,we need to confirm from logs if issue has alreday been reported.

 

Thanks,

Jay

0 Kudos
zanyterp_
Respected Contributor
‎06-05-2013 04:59:AM
‎06-05-2013 04:59:AM

Re: Pule on Android: Split Tunneling and DNS

Which version of Pulse? If you're using Samsung devices, can you try the generic Pulse?
0 Kudos
rdit_
Regular Contributor
‎06-05-2013 05:19:AM
‎06-05-2013 05:19:AM

Re: Pule on Android: Split Tunneling and DNS

I dont really know which version the users had before. Its just that since the last update it isnt working anymore. I'm talking about the latest generic one, the Samsung specific version is not being used (although we are using samsung devices).

0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.