VPN / DNS Issues With macOS Ventura

The same here, MacMini studio after the upgrade to Ventura the internal DNS names are not resolved.

Stopping and starting Wifi helps but only for a short time.

Same experience. I have downgraded to Monterey 12.6.2 and will stay there until this is resolved.

Same situation here, with or without VPN. Running Ventura 13.1 and can only have one DNS server listed for my resolver - otherwise DNS resolution is not working at all...

Frankly, your issue is probably best addressed by contacting Apple support or going to a Genius Bar.

Because some people don't use VPN for privacy reasons, but because they access a company network through it, and probably only for specific addresses, so you want to use the public DNS for everything else.

f1r3s4l3 wrote:

Because some people don't use VPN for privacy reasons, but because they access a company network through it, and probably only for specific addresses, so you want to use the public DNS for everything else.

But this is a user-to-user support forum for Apple’s consumer products. No one here knows anything about MDM, Jamf, or anything enterprise related. Enterprise users have their own dedicated, paid support staff. If they can’t resolve the issue, they can just call their Apple reps on the phone.

If there is a problem, you’ve found the best place to hide from the people whose job it is to fix those problems for you.

To put it very simply: This is a very normal feature, and it worked in 12.x but does not correctly in 13.x.

And as it (at leas in my case) only happens after the device went to sleep, it would seem common sense that it's not working as designed.

So IMHO it's quite irrelevant whether we're using this to connect to our VPN at home but still want a public DNS for whatever reasons, or if we're stumbling upon this issue in an enterprise environment.

Apple should be grateful that we're bringing this to the public and thus helping to improve their products, but if they prefer to not talk about any potential issues, well...

I find it quite funny that every time someone finds a bug or something like that in an Apple product, someone with thousands of points jumps in to defend Apple. And I wonder if this comment will even make it to the forum, as my last try at a reply was censored for reasons unknown.

f1r3s4l3 wrote:

Apple should be grateful that we're bringing this to the public and thus helping to improve their products, but if they prefer to not talk about any potential issues, well...

Why should Apple be grateful when people experience problems and then don't report them? As I said above, this is a user-to-user support forum for Apple’s consumer products. Apple isn't here.

You are describing a problem that sounds like the opposite of what you describe. If I have a VPN connected and my DNS requests go out to an open DNS server, that's a critical, mission-failure of the VPN. However, I'm not even going to bother testing this because I don't want Google tracking my DNS requests, whether I'm using a VPN or not.

I find it quite funny that every time someone finds a bug or something like that in an Apple product, someone with thousands of points jumps in to defend Apple.

There is lots of misinformation being repeated on the internet. The people here are focused on facts and solving problems. If there is a problem with an Apple product, we will say so and offer workarounds. But in the vast majority of cases, the problem is with some 3rd party product.

I've just stumbled on this post as our internal DNS does not want to work any more with Ventura, we have always had problems, but now the normal fixes don't help... I'm glad I found this as I know now we're not alone, I'm going to look in to raising this with Apple as we should have a rep, if they ever give me anything useful back I will try to add it here (but I won't hold my breath)

I agree, the statement from XDM does not apply to my case, I was unable to curl an internal URL as it would return unable to find host, but if I used nslookup or dig, the response came back from the internal DNS servers correctly

I'm not sure what Private Relay is, but since I don't even use safari, I wouldn't have noticed it failing

I noticed the same behaviour previously, although I don't currently use tunnelblick, but if restarting wifi didn't work, I advised people to switch to their mobile hotspot and to connect to the VPN to confirm whether it works before switching back... but when we upgraded to Ventura, even this didn't help

And one more piece of information: I've just tried contacting Apple support. As soon as they heard the problem is only visible when connected to the VPN, they said it's not something they can help me with; to quote them: "if you disconnect from the VPN and everything works fine, there's nothing we can do for you".

Way to go Apple!

Advisor suggested contacting my VPN provider (which is pointless because tunnel works great and older MacOS or any other OSes work great) and trying my luck on developer.apple.com

I guess I'll do the latter on the off chance.

> Then you can ask them why it works fine in macOS Monterey but not in macOS Ventura (as of the current version)?

Oh, I did of course. And mentioned that Linux and Windows have no issues whatsoever either. They were adamant that if it's anything to do with VPN - they just don't care in the slightest, it's not their problem.

You probably missed the most important point:

Apple does not make any mistakes. Full stop.

If it doesn't work, you're not using it correctly.

<sarcasm off> ;)

That's the reason we've dumped our M1 Max Macs and are now working with Linux on HP hardware.

We've spent too many hours finding workarounds for not-bugs in MacOS or hardware failures lately, it's getting too expensive.

Intersting. Hardware seems fine I think. Not many software issues for me either. But I do agree with you that some ”high level” people here seem to think it’s never a problem on Apple’s side, which in this case it seems pretty clear to be.

I will investigate more and report it to Apple via other channels. Maybe macOS 13.3 has something in store when it comes to this…