Hi, I am struggling since couple of days to make it work by following every information available online but couldn't make it. So decided to ask here. I am running Ubuntu 18.04 LTS on my Dell laptop. Able to connect to internet. But when i connect to vpn using Pulse Secure client the dns resolution stops working for vpn resources using name. However internet works. Nslookup, dig all works. IP works but not fqdn. It says - This site can’t be reached ins.example.com’s server IP address could not be found. DNS_PROBE_FINISHED_NXDOMAIN Here is some of the details before connecting to vpn -
[email protected]:~$ cat /etc/resolv.conf # Generated by NetworkManager nameserver 192.168.1.1 nameserver 2409:4042:208e:3b8d:d89f:c1ff:fe79:484e
[email protected]:~$ route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.1.1 0.0.0.0 UG 20100 0 0 enxfcde56ff0106 0.0.0.0 192.168.1.1 0.0.0.0 UG 20600 0 0 wlp4s0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlp4s0 192.168.0.0 0.0.0.0 255.255.0.0 U 100 0 0 enxfcde56ff0106 192.168.0.0 0.0.0.0 255.255.0.0 U 600 0 0 wlp4s0 192.168.1.1 0.0.0.0 255.255.255.255 UH 1 0 0 wlp4s0
[email protected]:~$ systemd-resolve --status Global DNS Servers: 8.8.8.8 DNSSEC NTA: 10.in-addr.arpa 16.172.in-addr.arpa 168.192.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa 23.172.in-addr.arpa 24.172.in-addr.arpa 25.172.in-addr.arpa 26.172.in-addr.arpa 27.172.in-addr.arpa 28.172.in-addr.arpa 29.172.in-addr.arpa 30.172.in-addr.arpa 31.172.in-addr.arpa corp d.f.ip6.arpa home internal intranet lan local private test Link 8 (enxfcde56ff0106) Current Scopes: none LLMNR setting: yes MulticastDNS setting: no DNSSEC setting: no DNSSEC supported: no Link 3 (wlp4s0) Current Scopes: none LLMNR setting: yes MulticastDNS setting: no DNSSEC setting: no DNSSEC supported: no Link 2 (enp3s0) Current Scopes: none LLMNR setting: yes MulticastDNS setting: no DNSSEC setting: no DNSSEC supported: no
[email protected]:~$ cat /etc/nsswitch.conf # /etc/nsswitch.conf # # Example configuration of GNU Name Service Switch functionality. # If you have the `glibc-doc-reference' and `info' packages installed, try: # `info libc "Name Service Switch"' for information about this file. passwd: compat systemd group: compat systemd shadow: compat gshadow: files #hosts: files mdns4_minimal [NOTFOUND=return] resolve [!UNAVAIL=return] dns myhostname hosts: files mdns4_minimal [NOTFOUND=return] myhostname # Use /etc/resolv.conf first, then fall back to systemd-resolved hosts: files dns resolve myhostname # Use systemd-resolved first, then fall back to /etc/resolv.conf hosts: files resolve dns myhostname # Don't use /etc/resolv.conf at all hosts: files resolve myhostname networks: files protocols: db files services: db files ethers: db files rpc: db files netgroup: nis After connecting to vpn -
[email protected]:~$ systemd-resolve --status Global DNS Servers: 8.8.8.8 DNSSEC NTA: 10.in-addr.arpa 16.172.in-addr.arpa 168.192.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa 23.172.in-addr.arpa 24.172.in-addr.arpa 25.172.in-addr.arpa 26.172.in-addr.arpa 27.172.in-addr.arpa 28.172.in-addr.arpa 29.172.in-addr.arpa 30.172.in-addr.arpa 31.172.in-addr.arpa corp d.f.ip6.arpa home internal intranet lan local private test Link 9 (tun0) Current Scopes: none LLMNR setting: yes MulticastDNS setting: no DNSSEC setting: no DNSSEC supported: no Link 8 (enxfcde56ff0106) Current Scopes: none LLMNR setting: yes MulticastDNS setting: no DNSSEC setting: no DNSSEC supported: no Link 3 (wlp4s0) Current Scopes: none LLMNR setting: yes MulticastDNS setting: no DNSSEC setting: no DNSSEC supported: no Link 2 (enp3s0) Current Scopes: none LLMNR setting: yes MulticastDNS setting: no DNSSEC setting: no DNSSEC supported: no
[email protected]:~$ cat /etc/resolv.conf search example.com example-corp.com nameserver 10.82.150.113 nameserver 91.240.57.125
[email protected]:~$ route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.1.1 0.0.0.0 UG 100 0 0 enxfcde56ff0106 0.0.0.0 192.168.1.1 0.0.0.0 UG 600 0 0 wlp4s0 10.0.0.0 10.186.1.53 255.0.0.0 UG 1 0 0 tun0 10.80.1.1 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 10.145.0.0 10.186.1.53 255.255.240.0 UG 1 0 0 tun0 10.151.0.41 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 10.153.0.0 10.186.1.53 255.255.0.0 UG 1 0 0 tun0 10.153.0.193 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 10.200.0.0 10.186.1.53 255.255.0.0 UG 1 0 0 tun0 35.195.110.154 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 40.113.93.91 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 50.0.0.0 10.186.1.53 255.0.0.0 UG 1 0 0 tun0 52.19.126.201 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 57.5.64.0 10.186.1.53 255.255.255.0 UG 1 0 0 tun0 57.56.79.0 10.186.1.53 255.255.255.0 UG 1 0 0 tun0 81.45.9.212 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 81.45.11.200 192.168.1.1 255.255.255.255 UGH 1 0 0 enxfcde56ff0106 91.240.56.1 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 91.240.56.2 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 91.240.56.3 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 91.240.56.8 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 91.240.56.9 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 91.240.56.15 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 91.240.56.20 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 91.240.56.21 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 91.240.56.22 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 91.240.56.23 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 91.240.56.30 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 91.240.57.2 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 91.240.57.20 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 91.240.57.50 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 91.240.57.165 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 100.0.0.0 10.186.1.53 255.0.0.0 UG 1 0 0 tun0 101.0.0.0 10.186.1.53 255.0.0.0 UG 1 0 0 tun0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlp4s0 172.16.0.0 10.186.1.53 255.240.0.0 UG 1 0 0 tun0 172.24.1.1 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 192.11.13.0 10.186.1.53 255.255.255.0 UG 1 0 0 tun0 192.168.0.0 10.186.1.53 255.255.0.0 UG 1 0 0 tun0 192.168.0.0 0.0.0.0 255.255.0.0 U 100 0 0 enxfcde56ff0106 192.168.0.0 0.0.0.0 255.255.0.0 U 600 0 0 wlp4s0 192.168.1.1 0.0.0.0 255.255.255.255 UH 1 0 0 wlp4s0 192.168.106.0 10.186.1.53 255.255.255.0 UG 1 0 0 tun0 192.168.156.54 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 192.168.156.55 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 193.57.233.87 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 193.57.233.90 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 193.57.236.225 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 193.57.252.27 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 194.76.166.180 10.186.1.53 255.255.255.255 UGH 1 0 0 tun0 This happens only with PulseSecure client. If I connect to another vpn using openvpn client it works without any issue. I tried playing with options like unbound, systemd-resolve.service and resolvconf.service but none them worked for me.
... View more