cancel
Showing results for 
Search instead for 
Did you mean: 

VPN connects but DNS fails in Catalina

Highlighted
Occasional Contributor

VPN connects but DNS fails in Catalina

Hi

 

In Windows works well, but with MacOS Catalina connects well to the VPN but the DNS doesn't resolves the webpages in the browsers, and the DNS doesnt's responds to ping. The Pulse Secure version is the last 9.1.4 (1761).

 

I've revised in Windows thought cmd and it reports the same data as in mac os: ip, gateway, dns and ip and dhcp is configured automatically in both systems, but in Mac OS can't browse in internet. If i put the google's ip in the address bar, so can avoid the DNS, webpage loads correctly. 

 

Here i'm connected to the VPN and have external connection to the net: 

 

% ping 8.8.8.8

PING 8.8.8.8 (8.8.8.8): 56 data bytes

64 bytes from 8.8.8.8: icmp_seq=0 ttl=54 time=54.598 ms

64 bytes from 8.8.8.8: icmp_seq=1 ttl=54 time=54.505 ms

--- 8.8.8.8 ping statistics ---

 

2 packets transmitted, 2 packets received, 0.0% packet loss

round-trip min/avg/max/stddev = 54.505/54.552/54.598/0.046 ms

 

The first DNS are the right ones of my VPN's work: 

 

scutil --dns | more

DNS configuration

 

resolver #1

  nameserver[0] : 10.228.103.4

  nameserver[1] : 10.228.103.27

  flags    : Request A records

  reach    : 0x00000002 (Reachable)

 

resolver #2

  nameserver[0] : 8.8.8.8

  nameserver[1] : 8.8.4.4

  flags    : Supplemental, Request A records

  reach    : 0x00000002 (Reachable)

  order    : 101600

 

Still well connected to the VPN, but the DNS doesn't respond to ping. In Windows the respond well.

 

% ping 10.228.103.4

PING 10.228.103.4 (10.228.103.4): 56 data bytes

Request timeout for icmp_seq 0

Request timeout for icmp_seq 1

^C

--- 10.228.103.4 ping statistics ---

3 packets transmitted, 0 packets received, 100.0% packet loss

 

This is my ethernet and the ip address: 

 

iMac ~ % ifconfig 

lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384

options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>

inet 127.0.0.1 netmask 0xff000000 

inet6 ::1 prefixlen 128 

inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 

nd6 options=201<PERFORMNUD,DAD>

gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280

stf0: flags=0<> mtu 1280

en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500

options=400<CHANNEL_IO>

ether 0c:4d:e9:d4:55:8d 

inet6 fe80::145d:a167:bff4:3fe6%en0 prefixlen 64 secured scopeid 0x4 

inet 192.168.1.100 netmask 0xffffff00 broadcast 192.168.1.255

nd6 options=201<PERFORMNUD,DAD>

media: autoselect (100baseTX <full-duplex,energy-efficient-ethernet>)

status: active

 

These are the routing tables: 

 

% netstat -nr

Routing tables

 

Internet:

Destination        Gateway            Flags        Netif Expire

default            192.168.1.1        UGSc           en0       

10.7.40.71         10.254.27.26       UGHS         utun3       

10.7.40.72         10.254.27.26       UGHS         utun3       

10.7.40.73         10.254.27.26       UGHS         utun3       

10.228.230.250     10.254.27.26       UGHS         utun3       

10.254.26.252      10.254.27.26       UGHS         utun3       

10.254.26.253      10.254.27.26       UGHS         utun3       

10.254.27.26       10.254.27.26       UH           utun3       

93.191.138.95      10.254.27.26       UGHS         utun3       

93.191.138.96      10.254.27.26       UGHS         utun3       

93.191.138.97      10.254.27.26       UGHS         utun3       

93.191.138.184/29  10.254.27.26       UGSc         utun3       

93.191.142.138     192.168.1.1        UGHS           en0       

127                127.0.0.1          UCS            lo0       

127.0.0.1          127.0.0.1          UH             lo0       

169.254            link#4             UCS            en0      !

192.168.1          link#4             UCS            en0      !

192.168.1.1        link#4             UHCS           en0      !

192.168.1.1/32     link#4             UCS            en0      !

192.168.1.1        34:e8:94:b0:88:5e  UHLWIir        en0    782

192.168.1.100/32   link#4             UCS            en0      !

224.0.0/4          link#4             UmCS           en0      !

224.0.0.251        1:0:5e:0:0:fb      UHmLWI         en0       

255.255.255.255/32 link#4             UCS            en0      !

 

Any help would be aprecciated. Thank you !!

 

9 REPLIES 9
Highlighted
Moderator
Moderator

Re: VPN connects but DNS fails in Catalina

Routing table shows no route for the Internal DNS servers 10.228.103.4 & 10.228.103.27, which implies that the DNS servers may not included in the split tunneling routes.

Please add the DNS servers IP under the VPN tuneling split tunneling policies and access control and check the behaviour.
PCS Expert
Pulse Connect Secure Certified Expert
Highlighted
Occasional Contributor

Re: VPN connects but DNS fails in Catalina

Do DNS servers need to be explictly added to split tunnel rules and ACL? This does not sound usual.

 

Is this a temp work around for some bug that Pulse is working on or is this permanent?

Highlighted
Occasional Contributor

Re: VPN connects but DNS fails in Catalina

If I have to add the DNS servers IP under the VPN tuneling split tunneling policies and access control i'm not the system admin, i suposse that i have to tell him, as  i can't change this from the client side.

 

I don't understand that in windows 10 it works well, and there is no DNS servers in the routing table. 

 

This is the windows 10 routing table:

 

===========================================================================
ILista de interfaces
 14...02 05 85 7f eb 80 ......Juniper Networks Virtual Adapter
 11...08 00 27 b6 5e 2f ......Adaptador de escritorio Intel(R) PRO/1000 MT
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Adaptador ISATAP de Microsoft
 16...00 00 00 00 00 00 00 e0 Adaptador ISATAP de Microsoft #3
===========================================================================

IPv4 Tabla de enrutamiento
===========================================================================
Rutas activas:
Destino de red        M scara de red   Puerta de enlace   Interfaz  M‚trica
          0.0.0.0          0.0.0.0         10.0.2.2        10.0.2.15     10
         10.0.2.0    255.255.255.0      En v¡nculo         10.0.2.15    266
        10.0.2.15  255.255.255.255      En v¡nculo         10.0.2.15    266
       10.0.2.255  255.255.255.255      En v¡nculo         10.0.2.15    266
       10.7.40.71  255.255.255.255      En v¡nculo      10.254.27.27      1
       10.7.40.72  255.255.255.255      En v¡nculo      10.254.27.27      1
       10.7.40.73  255.255.255.255      En v¡nculo      10.254.27.27      1
   10.228.230.250  255.255.255.255      En v¡nculo      10.254.27.27      1
    10.254.26.252  255.255.255.255      En v¡nculo      10.254.27.27      1
    10.254.26.253  255.255.255.255      En v¡nculo      10.254.27.27      1
     10.254.27.27  255.255.255.255      En v¡nculo      10.254.27.27    256
    93.191.138.95  255.255.255.255      En v¡nculo      10.254.27.27      1
    93.191.138.96  255.255.255.255      En v¡nculo      10.254.27.27      1
    93.191.138.97  255.255.255.255      En v¡nculo      10.254.27.27      1
   93.191.138.184  255.255.255.248      En v¡nculo      10.254.27.27      1
   93.191.142.138  255.255.255.255         10.0.2.2        10.0.2.15     10
        127.0.0.0        255.0.0.0      En v¡nculo         127.0.0.1    306
        127.0.0.1  255.255.255.255      En v¡nculo         127.0.0.1    306
  127.255.255.255  255.255.255.255      En v¡nculo         127.0.0.1    306
        224.0.0.0        240.0.0.0      En v¡nculo         127.0.0.1    306
        224.0.0.0        240.0.0.0      En v¡nculo         10.0.2.15    266
        224.0.0.0        240.0.0.0      En v¡nculo      10.254.27.27    256
  255.255.255.255  255.255.255.255      En v¡nculo         127.0.0.1    306
  255.255.255.255  255.255.255.255      En v¡nculo         10.0.2.15    266
  255.255.255.255  255.255.255.255      En v¡nculo      10.254.27.27    256
===========================================================================
Rutas persistentes:
  Ninguno

IPv6 Tabla de enrutamiento
===========================================================================
Rutas activas:
 Cuando destino de red m‚trica      Puerta de enlace
  1    306 ::1/128                  En v¡nculo
 11    266 fe80::/64                En v¡nculo
 14    261 fe80::/64                En v¡nculo
 11    266 fe80::3d29:9aec:ef2e:7c9a/128
                                    En v¡nculo
 14    261 fe80::e0b7:df9c:7d80:a73d/128
                                    En v¡nculo
  1    306 ff00::/8                 En v¡nculo
 11    266 ff00::/8                 En v¡nculo
 14    261 ff00::/8                 En v¡nculo
===========================================================================
Rutas persistentes:
  Ninguno

 

Highlighted
Moderator
Moderator

Re: VPN connects but DNS fails in Catalina

@identityaws: That's the expected setting to be applied on the VPN server. DNS servers has to be added to the ST rules, however implicit ACLs can be enabled by selected the "Allow allow DNS settings" under the connection profiles.

PCS Expert
Pulse Connect Secure Certified Expert
Highlighted
Moderator
Moderator

Re: VPN connects but DNS fails in Catalina

@Gery : Based on the routing table, it seems that the tunnel mode is Split tunnel with the bunch of allow rules, so are you able to access both Internet and Intranet sites using FQDN from Windows but not on macOS?

 

PCS Expert
Pulse Connect Secure Certified Expert
Highlighted
Occasional Contributor

Re: VPN connects but DNS fails in Catalina

Hi Ray

 

Using FQDN with those rules I'm able to acces both Internet and Intranet in Windows, but in macOS I only access the Intranet, can't access the Internet by the DNS resolution problem. 

 

I've donde many tests but i can't found a solution. If I install a windows virtual machine in MacOS,  to experiment with another Windows and it works well too.  

 

My main computer is an iMac, and I would like to solve this problem, because I have to use two computer now to work at home. 

Highlighted
Moderator
Moderator

Re: VPN connects but DNS fails in Catalina

Can you capture the packets on both physical and virtual interface and confirm how the DNS packets are being sent or are you receiving the DNS response for the DNS queries which are being sent out from the macOS workstations?

PCS Expert
Pulse Connect Secure Certified Expert
Highlighted
Occasional Contributor

Re: VPN connects but DNS fails in Catalina

I've the logs in the Whireshark's format. Following the rules to not post links with the logs, i put some extract from them. I loaded in every try a wepage in the browser http//www.elpais.com.

 

I don't know if my enterprise has some GPO's to browse internet, and only can be applied to Windows machines, can be a problem with the FQDN (i've put the hostname as in windows, but I think MacOS could be adding .local behind the hostname) or where is the problem. 

 

Logs Windows Physical Interface

 

No. Time Source Destination Protocol Length Info
No. Time Source Destination Protocol Length Info
19 2.710435 192.168.1.104 93.191.142.138 TLSv1.2 147 Application Data
20 2.778436 192.168.1.104 192.168.1.1 DNS 74 Standard query 0x187a A www.elpais.com
21 2.782051 192.168.1.104 192.168.1.1 TCP 66 50006 → 80 [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1
22 2.782787 192.168.1.1 192.168.1.104 TCP 60 80 → 50006 [SYN, ACK] Seq=0 Ack=1 Win=2800 Len=0 MSS=1400
23 2.782837 192.168.1.104 192.168.1.1 TCP 54 50006 → 80 [ACK] Seq=1 Ack=1 Win=64400 Len=0
24 2.787378 93.191.142.138 192.168.1.104 TCP 60 443 → 49934 [ACK] Seq=1 Ack=373 Win=10720 Len=0
25 2.812304 192.168.1.104 192.168.1.1 TCP 358 50006 → 80 [PSH, ACK] Seq=1 Ack=1 Win=64400 Len=304 [TCP segment of a reassembled PDU]
26 2.812353 192.168.1.104 192.168.1.1 HTTP/XML 367 POST /UD/?5 HTTP/1.1 
27 2.812992 192.168.1.1 192.168.1.104 TCP 60 80 → 50006 [ACK] Seq=1 Ack=305 Win=2496 Len=0
28 2.813021 192.168.1.1 192.168.1.104 TCP 60 80 → 50006 [ACK] Seq=1 Ack=618 Win=2183 Len=0
29 2.813865 192.168.1.1 192.168.1.104 TCP 239 80 → 50006 [PSH, ACK] Seq=1 Ack=618 Win=2800 Len=185 [TCP segment of a reassembled PDU]
30 2.833762 192.168.1.1 192.168.1.104 DNS 291 Standard query response 0x187a A www.elpais.com CNAME elpais-as.com.edgekey.net CNAME e11934.b.akamaiedge.net A 2.16.108.67 A 2.16.108.50 A 2.16.108.66 A 2.16.108.72 A 2.16.108.51 A 2.16.108.64 A 2.16.108.48 A 2.16.108.43 A 2.16.108.49
31 2.837642 192.168.1.104 2.16.108.67 TCP 66 50007 → 80 [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1
32 2.838757 192.168.1.104 2.16.108.67 TCP 66 50008 → 80 [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1
33 2.891434 2.16.108.67 192.168.1.104 TCP 66 80 → 50007 [SYN, ACK] Seq=0 Ack=1 Win=29200 Len=0 MSS=1400 SACK_PERM=1 WS=128
34 2.891496 192.168.1.104 2.16.108.67 TCP 54 50007 → 80 [ACK] Seq=1 Ack=1 Win=65792 Len=0
35 2.892776 2.16.108.67 192.168.1.104 TCP 66 80 → 50008 [SYN, ACK] Seq=0 Ack=1 Win=29200 Len=0 MSS=1400 SACK_PERM=1 WS=128
36 2.892809 192.168.1.104 2.16.108.67 TCP 54 50008 → 80 [ACK] Seq=1 Ack=1 Win=65792 Len=0
37 2.901837 192.168.1.104 2.16.108.67 TCP 66 50009 → 80 [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1
38 2.910615 192.168.1.104 192.168.1.255 NBNS 92 Name query NB ISATAP<00>
39 2.951523 192.168.1.104 2.16.108.67 HTTP 463 GET / HTTP/1.1 
40 2.955487 2.16.108.67 192.168.1.104 TCP 66 80 → 50009 [SYN, ACK] Seq=0 Ack=1 Win=29200 Len=0 MSS=1400 SACK_PERM=1 WS=128
41 2.955538 192.168.1.104 2.16.108.67 TCP 54 50009 → 80 [ACK] Seq=1 Ack=1 Win=65792 Len=0
42 3.009908 2.16.108.67 192.168.1.104 TCP 60 80 → 50007 [ACK] Seq=1 Ack=410 Win=30336 Len=0
43 3.011299 2.16.108.67 192.168.1.104 HTTP 413 HTTP/1.1 301 Moved Permanently 
44 3.065280 192.168.1.104 192.168.1.1 TCP 54 50006 → 80 [ACK] Seq=618 Ack=186 Win=64215 Len=0
45 3.066041 192.168.1.1 192.168.1.104 HTTP/XML 479 HTTP/1.1 200 OK 
46 3.066135 192.168.1.104 192.168.1.1 TCP 54 50006 → 80 [FIN, ACK] Seq=618 Ack=611 Win=63790 Len=0
47 3.066636 192.168.1.1 192.168.1.104 TCP 60 80 → 50006 [ACK] Seq=611 Ack=619 Win=2800 Len=0
48 3.067241 192.168.1.1 192.168.1.104 TCP 60 80 → 50006 [FIN, ACK] Seq=611 Ack=619 Win=2800 Len=0
49 3.067265 192.168.1.104 192.168.1.1 TCP 54 50006 → 80 [ACK] Seq=619 Ack=612 Win=63790 Len=0
50 3.251455 192.168.1.104 2.16.108.67 TCP 66 50010 → 443 [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1
51 3.265202 192.168.1.104 2.16.108.67 TCP 54 50007 → 80 [ACK] Seq=410 Ack=360 Win=65280 Len=0
52 3.305193 2.16.108.67 192.168.1.104 TCP 66 443 → 50010 [SYN, ACK] Seq=0 Ack=1 Win=29200 Len=0 MSS=1400 SACK_PERM=1 WS=128
53 3.305258 192.168.1.104 2.16.108.67 TCP 54 50010 → 443 [ACK] Seq=1 Ack=1 Win=65792 Len=0
54 3.334438 192.168.1.104 2.16.108.67 TLSv1.2 571 Client Hello
55 3.394535 2.16.108.67 192.168.1.104 TCP 60 443 → 50010 [ACK] Seq=1 Ack=518 Win=30336 Len=0
56 3.397886 2.16.108.67 192.168.1.104 TLSv1.2 1454 Server Hello
57 3.399577 2.16.108.67 192.168.1.104 TCP 1454 443 → 50010 [ACK] Seq=1401 Ack=518 Win=30336 Len=1400 [TCP segment of a reassembled PDU]
58 3.399606 192.168.1.104 2.16.108.67 TCP 54 50010 → 443 [ACK] Seq=518 Ack=2801 Win=65792 Len=0
59 3.401028 2.16.108.67 192.168.1.104 TLSv1.2 1112 Certificate, Certificate Status, Server Key Exchange, Server Hello Done
60 3.520384 192.168.1.104 2.16.108.67 TLSv1.2 180 Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message
61 3.522384 192.168.1.104 2.16.108.67 TLSv1.2 153 Application Data
62 3.523611 192.168.1.104 2.16.108.67 TLSv1.2 403 Application Data
63 3.575685 2.16.108.67 192.168.1.104 TLSv1.2 312 New Session Ticket, Change Cipher Spec, Encrypted Handshake Message
64 3.580512 2.16.108.67 192.168.1.104 TLSv1.2 131 Application Data
65 3.580558 192.168.1.104 2.16.108.67 TCP 54 50010 → 443 [ACK] Seq=1092 Ack=4194 Win=64256 Len=0
66 3.584735 2.16.108.67 192.168.1.104 TLSv1.2 428 Application Data
67 3.623087 192.168.1.104 2.16.108.67 TLSv1.2 92 Application Data
 
 
Logs Windows Virtual Interface
 
No. Time Source Destination Protocol Length Info
1 0.000000 10.254.27.14 239.255.255.250 SSDP 216 M-SEARCH * HTTP/1.1 
2 0.000034 10.254.27.14 239.255.255.250 SSDP 216 M-SEARCH * HTTP/1.1 
3 1.008679 10.254.27.14 239.255.255.250 SSDP 216 M-SEARCH * HTTP/1.1 
4 1.008710 10.254.27.14 239.255.255.250 SSDP 216 M-SEARCH * HTTP/1.1 
5 2.008749 10.254.27.14 239.255.255.250 SSDP 216 M-SEARCH * HTTP/1.1 
6 2.008777 10.254.27.14 239.255.255.250 SSDP 216 M-SEARCH * HTTP/1.1 
7 3.009187 10.254.27.14 239.255.255.250 SSDP 216 M-SEARCH * HTTP/1.1 
8 3.009225 10.254.27.14 239.255.255.250 SSDP 216 M-SEARCH * HTTP/1.1 

 

 

 

Highlighted
Occasional Contributor

Re: VPN connects but DNS fails in Catalina

MacOS Physical Interface

 

No. Time Source Destination Protocol Length Info
155 27.127298 93.191.142.138 192.168.1.100 TCP 60 [TCP ACKed unseen segment] 443 → 51531 [ACK] Seq=1 Ack=2 Win=10720 Len=0
156 29.085737 192.168.1.104 192.168.1.255 BROWSER 243 Local Master Announcement X18040SA-PC, Workstation, Server, NT Workstation, Potential Browser, Master Browser
157 29.085750 192.168.1.104 192.168.1.255 BROWSER 243 Local Master Announcement X18040SA-PC, Workstation, Server, NT Workstation, Potential Browser, Master Browser
158 29.117038 192.168.1.100 192.168.1.1 DNS 83 Standard query 0xb550 A X18040SA-PC.iecisa.corp
159 29.174222 192.168.1.1 192.168.1.100 DNS 158 Standard query response 0xb550 No such name A X18040SA-PC.iecisa.corp SOA a.root-servers.net
160 29.174816 192.168.1.100 10.228.103.4 DNS 71 Standard query 0x6b90 A X18040SA-PC
161 30.177950 192.168.1.100 10.228.103.4 DNS 71 Standard query 0x6b90 A X18040SA-PC
162 30.282727 93.191.138.96 192.168.1.100 TLSv1.2 135 Application Data
163 30.282874 192.168.1.100 93.191.138.96 TCP 66 50969 → 443 [ACK] Seq=1 Ack=277 Win=2165 Len=0 TSval=770331536 TSecr=1905758438
164 30.974901 74.125.206.189 192.168.1.100 UDP 553 443 → 58848 Len=511
165 30.986593 173.194.76.189 192.168.1.100 UDP 554 443 → 52038 Len=512
166 30.996902 192.168.1.100 74.125.206.189 UDP 71 58848 → 443 Len=29
167 31.008365 192.168.1.100 173.194.76.189 UDP 71 52038 → 443 Len=29
168 31.163587 192.168.1.100 108.177.15.189 UDP 65 50930 → 443 Len=23
169 31.254451 108.177.15.189 192.168.1.100 UDP 64 443 → 50930 Len=22
170 31.395919 74.125.206.189 192.168.1.100 UDP 778 443 → 58848 Len=736
171 31.417606 192.168.1.100 74.125.206.189 UDP 71 58848 → 443 Len=29
172 31.751944 192.168.1.100 93.191.138.97 TCP 176 50972 → 8080 [PSH, ACK] Seq=331 Ack=586 Win=2048 Len=110 TSval=770333005 TSecr=1097590493
173 31.809052 93.191.138.97 192.168.1.100 TCP 261 8080 → 50972 [PSH, ACK] Seq=586 Ack=441 Win=255 Len=195 TSval=1097600493 TSecr=770333005
174 31.809133 192.168.1.100 93.191.138.97 TCP 66 50972 → 8080 [ACK] Seq=441 Ack=781 Win=2044 Len=0 TSval=770333062 TSecr=1097600493
175 32.022546 74.125.206.189 192.168.1.100 UDP 762 443 → 58848 Len=720
176 32.044675 192.168.1.100 74.125.206.189 UDP 71 58848 → 443 Len=29
177 32.124740 173.194.76.189 192.168.1.100 UDP 763 443 → 52038 Len=721
178 32.145683 192.168.1.100 173.194.76.189 UDP 71 52038 → 443 Len=29
179 32.179830 192.168.1.100 10.228.103.27 DNS 71 Standard query 0x6b90 A X18040SA-PC
180 32.309976 74.125.206.189 192.168.1.100 UDP 553 443 → 58848 Len=511
181 32.328363 173.194.76.189 192.168.1.100 UDP 554 443 → 52038 Len=512
182 32.331240 192.168.1.100 239.255.255.250 SSDP 217 M-SEARCH * HTTP/1.1 
183 32.331612 192.168.1.100 74.125.206.189 UDP 71 58848 → 443 Len=29
184 32.349374 192.168.1.100 173.194.76.189 UDP 71 52038 → 443 Len=29
185 32.938962 192.168.1.100 10.228.103.27 DNS 74 Standard query 0x3b10 A www.elpais.com
186 33.181788 192.168.1.100 10.228.103.27 DNS 71 Standard query 0x6b90 A X18040SA-PC
187 33.331791 192.168.1.100 239.255.255.250 SSDP 217 M-SEARCH * HTTP/1.1 
188 33.889497 108.177.15.189 192.168.1.100 UDP 83 443 → 50930 Len=41
189 33.908733 192.168.1.100 108.177.15.189 UDP 71 50930 → 443 Len=29
190 33.939364 192.168.1.100 10.228.103.27 DNS 74 Standard query 0x3b10 A www.elpais.com
191 33.994403 216.58.201.174 192.168.1.100 UDP 84 443 → 61090 Len=42
192 34.001683 216.58.201.174 192.168.1.100 UDP 62 443 → 61090 Len=20
193 34.009231 192.168.1.100 216.58.201.174 UDP 71 61090 → 443 Len=29
194 34.116248 192.168.1.100 192.168.1.255 NBNS 92 Name query NB X18040SA-PC<20>
195 34.116735 PcsCompu_b6:5e:2f Broadcast ARP 42 Who has 192.168.1.100? Tell 192.168.1.104
196 34.116759 PcsCompu_b6:5e:2f Broadcast ARP 42 Who has 192.168.1.100? Tell 192.168.1.104
197 34.116803 Apple_d4:55:8d PcsCompu_b6:5e:2f ARP 42 192.168.1.100 is at 0c:4d:e9:d4:55:8d
198 34.116915 192.168.1.104 192.168.1.100 NBNS 104 Name query response NB 192.168.1.104
199 34.117367 192.168.1.100 192.168.1.104 TCP 78 51538 → 445 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=64 TSval=770335366 TSecr=0 SACK_PERM=1
200 34.117569 192.168.1.104 192.168.1.100 TCP 74 445 → 51538 [SYN, ACK] Seq=0 Ack=1 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1 TSval=510740 TSecr=770335366
201 34.117619 192.168.1.100 192.168.1.104 TCP 66 51538 → 445 [ACK] Seq=1 Ack=1 Win=131712 Len=0 TSval=770335366 TSecr=510740
202 34.143533 173.194.76.189 192.168.1.100 UDP 771 443 → 52038 Len=729
203 34.164964 192.168.1.100 173.194.76.189 UDP 71 52038 → 443 Len=29
204 34.331885 192.168.1.100 239.255.255.250 SSDP 217 M-SEARCH * HTTP/1.1 
205 34.365735 192.168.1.100 192.168.1.104 TCP 78 51539 → 139 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=64 TSval=770335614 TSecr=0 SACK_PERM=1
206 34.365800 192.168.1.100 192.168.1.104 TCP 66 51538 → 445 [FIN, ACK] Seq=1 Ack=1 Win=131712 Len=0 TSval=770335614 TSecr=510740
207 34.365988 192.168.1.104 192.168.1.100 TCP 74 139 → 51539 [SYN, ACK] Seq=0 Ack=1 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1 TSval=510765 TSecr=770335614
208 34.366037 192.168.1.100 192.168.1.104 TCP 54 51539 → 139 [RST] Seq=1 Win=0 Len=0
209 34.366065 192.168.1.104 192.168.1.100 TCP 66 445 → 51538 [ACK] Seq=1 Ack=2 Win=66560 Len=0 TSval=510765 TSecr=770335614
210 34.366123 192.168.1.104 192.168.1.100 TCP 54 445 → 51538 [RST, ACK] Seq=1 Ack=2 Win=0 Len=0
211 34.366278 192.168.1.100 192.168.1.104 TCP 78 51540 → 445 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=128 TSval=770335614 TSecr=0 SACK_PERM=1
212 34.366474 192.168.1.104 192.168.1.100 TCP 74 445 → 51540 [SYN, ACK] Seq=0 Ack=1 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1 TSval=510765 TSecr=770335614
213 34.366527 192.168.1.100 192.168.1.104 TCP 66 51540 → 445 [ACK] Seq=1 Ack=1 Win=5571840 Len=0 TSval=770335614 TSecr=510765
214 34.366537 192.168.1.100 192.168.1.104 SMB 117 Negotiate Protocol Request
215 34.366989 192.168.1.104 192.168.1.100 SMB 197 Negotiate Protocol Response
216 34.367023 192.168.1.100 192.168.1.104 TCP 66 51540 → 445 [ACK] Seq=52 Ack=132 Win=5571712 Len=0 TSval=770335615 TSecr=510765
217 34.606575 192.168.1.100 192.168.1.104 SMB 258 Session Setup AndX Request, NTLMSSP_NEGOTIATE
218 34.607101 192.168.1.104 192.168.1.100 SMB 482 Session Setup AndX Response, NTLMSSP_CHALLENGE, Error: STATUS_MORE_PROCESSING_REQUIRED
219 34.607174 192.168.1.100 192.168.1.104 TCP 66 51540 → 445 [ACK] Seq=244 Ack=548 Win=5571328 Len=0 TSval=770335853 TSecr=510789
220 34.607681 192.168.1.100 192.168.1.104 SMB 109 Logoff AndX Request
221 34.607919 192.168.1.104 192.168.1.100 SMB 109 Logoff AndX Response
222 34.607968 192.168.1.100 192.168.1.104 TCP 66 51540 → 445 [ACK] Seq=287 Ack=591 Win=5571200 Len=0 TSval=770335854 TSecr=510789
223 34.608023 192.168.1.100 192.168.1.104 TCP 66 51540 → 445 [FIN, ACK] Seq=287 Ack=591 Win=5571200 Len=0 TSval=770335854 TSecr=510789
224 34.608177 192.168.1.100 192.168.1.255 NBNS 92 Name query NB WORKGROUP<1d>
225 34.608183 192.168.1.104 192.168.1.100 TCP 66 445 → 51540 [ACK] Seq=591 Ack=288 Win=66304 Len=0 TSval=510789 TSecr=770335854
226 34.608357 192.168.1.104 192.168.1.100 NBNS 104 Name query response NB 192.168.1.104
227 34.608482 192.168.1.104 192.168.1.100 TCP 54 445 → 51540 [RST, ACK] Seq=591 Ack=288 Win=0 Len=0
228 34.608499 192.168.1.100 192.168.1.255 BROWSER 216 Get Backup List Request
229 34.608872 192.168.1.104 192.168.1.255 NBNS 92 Name query NB IMAC-D4558D<00>
230 34.608890 192.168.1.104 192.168.1.255 NBNS 92 Name query NB IMAC-D4558D<00>
231 34.609003 192.168.1.100 192.168.1.104 NBNS 104 Name query response NB 192.168.1.100
232 34.609191 192.168.1.104 192.168.1.100 BROWSER 228 Get Backup List Response
233 34.609291 192.168.1.100 192.168.1.104 NBNS 92 Name query NBSTAT X18040SA-PC<20>
234 34.609460 192.168.1.104 192.168.1.100 NBNS 253 Name query response NBSTAT
235 34.674408 192.168.1.100 10.228.103.27 DNS 75 Standard query 0x0741 A play.google.com
236 35.063357 192.168.1.100 216.58.201.174 UDP 593 61090 → 443 Len=551
237 35.136866 216.58.201.174 192.168.1.100 UDP 64 443 → 61090 Len=22
238 35.332339 192.168.1.100 239.255.255.250 SSDP 217 M-SEARCH * HTTP/1.1 
239 35.352963 216.58.201.174 192.168.1.100 UDP 233 443 → 61090 Len=191
240 35.354794 216.58.201.174 192.168.1.100 UDP 82 443 → 61090 Len=40
241 35.367673 192.168.1.100 216.58.201.174 UDP 71 61090 → 443 Len=29
242 35.552392 192.168.1.1 192.168.1.255 RIPv2 86 Response
243 35.677650 192.168.1.100 10.228.103.27 DNS 75 Standard query 0x0741 A play.google.com
244 35.939693 192.168.1.100 10.228.103.4 DNS 74 Standard query 0x3b10 A www.elpais.com
245 36.041414 192.168.1.100 10.228.103.4 DNS 81 Standard query 0x4e3a A p71-caldav.icloud.com
246 36.939660 192.168.1.100 10.228.103.4 DNS 74 Standard query 0x3b10 A www.elpais.com
247 37.044851 192.168.1.100 10.228.103.4 DNS 81 Standard query 0x4e3a A p71-caldav.icloud.com
248 37.678594 192.168.1.100 10.228.103.4 DNS 75 Standard query 0x0741 A play.google.com
249 37.809720 74.125.206.189 192.168.1.100 UDP 553 443 → 58848 Len=511
250 37.820905 173.194.76.189 192.168.1.100 UDP 554 443 → 52038 Len=512
251 37.831623 192.168.1.100 74.125.206.189 UDP 71 58848 → 443 Len=29
252 37.842064 192.168.1.100 173.194.76.189 UDP 71 52038 → 443 Len=29
253 38.428927 74.125.206.189 192.168.1.100 UDP 752 443 → 58848 Len=710
254 38.450565 192.168.1.100 74.125.206.189 UDP 71 58848 → 443 Len=29
255 38.682540 192.168.1.100 10.228.103.4 DNS 75 Standard query 0x0741 A play.google.com
256 38.939611 192.168.1.100 10.228.103.27 DNS 74 Standard query 0x3b10 A www.elpais.com
257 39.045100 192.168.1.100 10.228.103.27 DNS 81 Standard query 0x4e3a A p71-caldav.icloud.com
258 39.487054 173.194.76.189 192.168.1.100 UDP 778 443 → 52038 Len=736
259 39.508167 192.168.1.100 173.194.76.189 UDP 71 52038 → 443 Len=29
260 40.045021 192.168.1.100 10.228.103.27 DNS 81 Standard query 0x4e3a A p71-caldav.icloud.com
261 40.297584 93.191.138.96 192.168.1.100 TLSv1.2 135 Application Data
262 40.297667 192.168.1.100 93.191.138.96 TCP 66 50969 → 443 [ACK] Seq=1 Ack=346 Win=2165 Len=0 TSval=770341540 TSecr=1905759439
263 40.682509 192.168.1.100 10.228.103.27 DNS 75 Standard query 0x0741 A play.google.com
264 41.510389 192.168.1.100 10.228.103.4 DNS 85 Standard query 0x77d1 A lh6.googleusercontent.com
 
 
 
MacOS Virtual Interface
 
There are no traces when I browse in internet, only when I access to the intranet.